Author: coheigea
Date: Tue Nov 30 16:40:51 2010
New Revision: 1040628
URL: http://svn.apache.org/viewvc?rev=1040628&view=rev
Log:
Some minor changes.
Modified:
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/KeystorePasswordCallback.java
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/KeystorePasswordCallback.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenProcessorWithoutCallbacks.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
Modified:
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/KeystorePasswordCallback.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/KeystorePasswordCallback.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/KeystorePasswordCallback.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/KeystorePasswordCallback.java
Tue Nov 30 16:40:51 2010
@@ -61,17 +61,11 @@ public class KeystorePasswordCallback im
//The above is an issue when doing encrypt or signing only.
//Perhaps using a more suitable keystore format like .jks
would be better
pc.setPassword("password");
- return;
} catch (NumberFormatException nfe) {
- //not a pfx alias, carry on to next
- }
-
- String pass = passwords.get(pc.getIdentifier());
- if (pass != null) {
- pc.setPassword(pass);
- return;
- } else {
- pc.setPassword("password");
+ String pass = passwords.get(pc.getIdentifier());
+ if (pass != null) {
+ pc.setPassword(pass);
+ }
}
}
}
Modified:
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/KeystorePasswordCallback.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/KeystorePasswordCallback.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/KeystorePasswordCallback.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/KeystorePasswordCallback.java
Tue Nov 30 16:40:51 2010
@@ -42,6 +42,8 @@ public class KeystorePasswordCallback im
passwords.put("alice", "abcd!1234");
passwords.put("Bob", "abcd!1234");
passwords.put("bob", "abcd!1234");
+ passwords.put("350334201beea6502d11342f93eea09fc0b5df01", "password");
+ passwords.put("abcd", "dcba");
}
/**
@@ -55,9 +57,6 @@ public class KeystorePasswordCallback im
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
- return;
- } else {
- pc.setPassword("password");
}
}
}
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Tue Nov 30 16:40:51 2010
@@ -25,6 +25,7 @@ import java.util.List;
import org.apache.cxf.Bus;
import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
@@ -199,7 +200,6 @@ public class IssuedTokenInterceptorProvi
addAfter(PolicyBasedWSS4JInInterceptor.class.getName());
}
- @SuppressWarnings("unchecked")
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
@@ -211,7 +211,7 @@ public class IssuedTokenInterceptorProvi
if (!isRequestor(message)) {
boolean found = false;
List<WSHandlerResult> results =
-
(List<WSHandlerResult>)message.get(WSHandlerConstants.RECV_RESULTS);
+
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null) {
for (WSHandlerResult rResult : results) {
List<WSSecurityEngineResult> wsSecEngineResults =
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationInInterceptor.java
Tue Nov 30 16:40:51 2010
@@ -35,6 +35,7 @@ import org.apache.cxf.binding.soap.SoapB
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.endpoint.Endpoint;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.Interceptor;
@@ -445,12 +446,11 @@ class SecureConversationInInterceptor ex
addAfter(WSS4JInInterceptor.class.getName());
}
- @SuppressWarnings("unchecked")
public void handleMessage(SoapMessage message) throws Fault {
//Find the SC token
boolean found = false;
List<WSHandlerResult> results =
-
(List<WSHandlerResult>)message.get(WSHandlerConstants.RECV_RESULTS);
+
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null) {
for (WSHandlerResult rResult : results) {
List<WSSecurityEngineResult> wsSecEngineResults =
rResult.getResults();
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Tue Nov 30 16:40:51 2010
@@ -454,7 +454,8 @@ public class PolicyBasedWSS4JInIntercept
}
protected void doResults(SoapMessage msg, String actor,
- SOAPMessage doc, List results, boolean
utWithCallbacks)
+ SOAPMessage doc, List<WSSecurityEngineResult>
results,
+ boolean utWithCallbacks)
throws SOAPException, XMLStreamException, WSSecurityException {
AssertionInfoMap aim = msg.get(AssertionInfoMap.class);
@@ -464,9 +465,7 @@ public class PolicyBasedWSS4JInIntercept
boolean hasEndorsement = false;
Protections prots = Protections.NONE;
- for (int j = 0; j < results.size(); j++) {
- WSSecurityEngineResult wser =
- (WSSecurityEngineResult) results.get(j);
+ for (WSSecurityEngineResult wser : results) {
Integer actInt =
(Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
switch (actInt.intValue()) {
case WSConstants.SIGN:
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
Tue Nov 30 16:40:51 2010
@@ -128,12 +128,12 @@ public class UsernameTokenInterceptor ex
try {
final WSUsernameTokenPrincipal princ = getPrincipal(child,
message);
if (princ != null) {
- Vector<WSSecurityEngineResult>v = new
Vector<WSSecurityEngineResult>();
+ List<WSSecurityEngineResult>v = new
Vector<WSSecurityEngineResult>();
v.add(0, new WSSecurityEngineResult(WSConstants.UT,
princ, null, null, null));
- List<Object> results = CastUtils.cast((List)message
+ List<WSHandlerResult> results =
CastUtils.cast((List<?>)message
.get(WSHandlerConstants.RECV_RESULTS));
if (results == null) {
- results = new Vector<Object>();
+ results = new Vector<WSHandlerResult>();
message.put(WSHandlerConstants.RECV_RESULTS,
results);
}
WSHandlerResult rResult = new WSHandlerResult(null, v);
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenProcessorWithoutCallbacks.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenProcessorWithoutCallbacks.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenProcessorWithoutCallbacks.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenProcessorWithoutCallbacks.java
Tue Nov 30 16:40:51 2010
@@ -52,14 +52,14 @@ public class UsernameTokenProcessorWitho
private String utId;
private UsernameToken ut;
- @SuppressWarnings("unchecked")
public void handleToken(Element elem, Crypto crypto, Crypto decCrypto,
CallbackHandler cb,
- WSDocInfo wsDocInfo, List returnResults, WSSConfig wsc) throws
WSSecurityException {
+ WSDocInfo wsDocInfo, List<WSSecurityEngineResult> returnResults,
WSSConfig wsc
+ ) throws WSSecurityException {
if (LOG.isLoggable(Level.FINE)) {
LOG.fine("Found UsernameToken list element");
}
- Principal principal = handleUsernameToken((Element) elem, cb);
+ Principal principal = handleUsernameToken(elem, cb);
returnResults.add(
0,
new WSSecurityEngineResult(WSConstants.UT, principal, null, null,
null)
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Tue Nov 30 16:40:51 2010
@@ -110,12 +110,11 @@ public class WSS4JInInterceptor extends
ignoreActions = ignore;
}
- @SuppressWarnings("unchecked")
public WSS4JInInterceptor(Map<String, Object> properties) {
this();
setProperties(properties);
final Map<QName, Object> map = CastUtils.cast(
- (Map)properties.get(PROCESSOR_MAP));
+ (Map<?, ?>)properties.get(PROCESSOR_MAP));
if (map != null) {
secEngineOverride = createSecurityEngine(map);
}
@@ -185,6 +184,7 @@ public class WSS4JInInterceptor extends
}
RequestData reqData = new RequestData();
+ reqData.setWssConfig(engine.getWssConfig());
/*
* The overall try, just to have a finally at the end to perform some
* housekeeping.
@@ -200,6 +200,11 @@ public class WSS4JInInterceptor extends
String actor = (String)getOption(WSHandlerConstants.ACTOR);
CallbackHandler cbHandler = getCallback(reqData, doAction,
utWithCallbacks);
+
+ String passwordTypeStrict =
(String)getOption(WSHandlerConstants.PASSWORD_TYPE_STRICT);
+ if (passwordTypeStrict == null) {
+ setProperty(WSHandlerConstants.PASSWORD_TYPE_STRICT, "true");
+ }
/*
* Get and check the Signature specific parameters first because
@@ -207,12 +212,11 @@ public class WSS4JInInterceptor extends
*/
doReceiverAction(doAction, reqData);
- List<WSSecurityEngineResult> wsResult = null;
if (doTimeLog) {
t1 = System.currentTimeMillis();
}
- wsResult = engine.processSecurityHeader(
+ List<WSSecurityEngineResult> wsResult =
engine.processSecurityHeader(
doc.getSOAPPart(),
actor,
cbHandler,
@@ -299,34 +303,23 @@ public class WSS4JInInterceptor extends
}
}
- private void checkSignatures(SoapMessage msg, RequestData reqData, List
wsResult)
- throws WSSecurityException {
- /*
- * Now we can check the certificate used to sign the message. In the
- * following implementation the certificate is only trusted if
- * either it itself or the certificate of the issuer is installed in
- * the keystore. Note: the method verifyTrust(X509Certificate)
- * allows custom implementations with other validation algorithms
- * for subclasses.
- */
-
+ private void checkSignatures(
+ SoapMessage msg, RequestData reqData, List<WSSecurityEngineResult>
wsResult
+ ) throws WSSecurityException {
// Extract the signature action result from the action vector
- List signatureResults = new Vector();
+ List<WSSecurityEngineResult> signatureResults = new
Vector<WSSecurityEngineResult>();
signatureResults =
WSSecurityUtil.fetchAllActionResults(wsResult, WSConstants.SIGN,
signatureResults);
+ // Store the last signature result
if (!signatureResults.isEmpty()) {
- for (int i = 0; i < signatureResults.size(); i++) {
- WSSecurityEngineResult result =
- (WSSecurityEngineResult) signatureResults.get(i);
-
- msg.put(SIGNATURE_RESULT, result);
- }
+ msg.put(SIGNATURE_RESULT,
signatureResults.get(signatureResults.size() - 1));
}
}
- protected void checkTimestamps(SoapMessage msg, RequestData reqData, List
wsResult)
- throws WSSecurityException {
+ protected void checkTimestamps(
+ SoapMessage msg, RequestData reqData, List<WSSecurityEngineResult>
wsResult
+ ) throws WSSecurityException {
/*
* Perform further checks on the timestamp that was transmitted in
* the header. In the following implementation the timestamp is
@@ -336,14 +329,12 @@ public class WSS4JInInterceptor extends
* other validation algorithms for subclasses.
*/
// Extract the timestamp action result from the action vector
- List timestampResults = new Vector();
+ List<WSSecurityEngineResult> timestampResults = new
Vector<WSSecurityEngineResult>();
timestampResults =
WSSecurityUtil.fetchAllActionResults(wsResult, WSConstants.TS,
timestampResults);
if (!timestampResults.isEmpty()) {
- for (int i = 0; i < timestampResults.size(); i++) {
- WSSecurityEngineResult result =
- (WSSecurityEngineResult) timestampResults.get(i);
+ for (WSSecurityEngineResult result : timestampResults) {
Timestamp timestamp =
(Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
if (timestamp != null && !verifyTimestamp(timestamp,
decodeTimeToLive(reqData))) {
@@ -366,20 +357,23 @@ public class WSS4JInInterceptor extends
}
- protected void doResults(SoapMessage msg, String actor, SOAPMessage doc,
List wsResult)
- throws SOAPException, XMLStreamException, WSSecurityException {
+ protected void doResults(
+ SoapMessage msg, String actor, SOAPMessage doc,
List<WSSecurityEngineResult> wsResult
+ ) throws SOAPException, XMLStreamException, WSSecurityException {
doResults(msg, actor, doc, wsResult, false);
}
- protected void doResults(SoapMessage msg, String actor, SOAPMessage doc,
List wsResult,
- boolean utWithCallbacks) throws SOAPException, XMLStreamException,
WSSecurityException {
+ protected void doResults(
+ SoapMessage msg, String actor, SOAPMessage doc,
List<WSSecurityEngineResult> wsResult,
+ boolean utWithCallbacks
+ ) throws SOAPException, XMLStreamException, WSSecurityException {
/*
* All ok up to this point. Now construct and setup the security result
* structure. The service may fetch this and check it.
*/
- List<Object> results =
CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS));
+ List<WSHandlerResult> results =
CastUtils.cast((List<?>)msg.get(WSHandlerConstants.RECV_RESULTS));
if (results == null) {
- results = new Vector<Object>();
+ results = new Vector<WSHandlerResult>();
msg.put(WSHandlerConstants.RECV_RESULTS, results);
}
WSHandlerResult rResult = new WSHandlerResult(actor, wsResult);
@@ -397,23 +391,7 @@ public class WSS4JInInterceptor extends
i++;
}
msg.setContent(XMLStreamReader.class, reader);
- String pwType = (String)getProperty(msg, "passwordType");
- if ("PasswordDigest".equals(pwType)) {
- //CXF-2150 - we need to check the UsernameTokens
- for (WSSecurityEngineResult o : CastUtils.cast(wsResult,
WSSecurityEngineResult.class)) {
- Integer actInt =
(Integer)o.get(WSSecurityEngineResult.TAG_ACTION);
- if (actInt == WSConstants.UT) {
- WSUsernameTokenPrincipal princ
- =
(WSUsernameTokenPrincipal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
- if (!princ.isPasswordDigest()) {
- LOG.warning("Non-digest UsernameToken found, but
digest required");
- throw new
WSSecurityException(WSSecurityException.INVALID_SECURITY);
- }
- }
- }
- }
-
- for (WSSecurityEngineResult o : CastUtils.cast(wsResult,
WSSecurityEngineResult.class)) {
+ for (WSSecurityEngineResult o : wsResult) {
final Principal p =
(Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
if (p != null) {
msg.put(PRINCIPAL_RESULT, p);
@@ -568,9 +546,6 @@ public class WSS4JInInterceptor extends
* construction); otherwise, it is taken to be the default
* WSSecEngine instance (currently defined in the WSHandler
* base class).
- *
- * TODO the WSHandler base class defines secEngine to be static, which
- * is really bad, because the engine has mutable state on it.
*/
protected WSSecurityEngine getSecurityEngine(boolean utWithCallbacks) {
if (secEngineOverride != null) {
@@ -592,11 +567,8 @@ public class WSS4JInInterceptor extends
* @return a freshly minted WSSecurityEngine instance, using the
* (non-null) processor map, to be used to initialize the
* WSSecurityEngine instance.
- *
- * TODO The WSS4J APIs leave something to be desired here, but hopefully
- * we'll clean all this up in WSS4J-2.0
*/
- protected static WSSecurityEngine
+ protected WSSecurityEngine
createSecurityEngine(
final Map<QName, Object> map
) {
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
Tue Nov 30 16:40:51 2010
@@ -362,20 +362,20 @@ public abstract class AbstractBindingBui
Collection<AssertionInfo> ais;
ais = aim.get(SP12Constants.INCLUDE_TIMESTAMP);
if (ais != null) {
+ Object o =
message.getContextualProperty(SecurityConstants.TIMESTAMP_TTL);
+ int ttl = 300; //default is 300 seconds
+ if (o instanceof Number) {
+ ttl = ((Number)o).intValue();
+ } else if (o instanceof String) {
+ ttl = Integer.parseInt((String)o);
+ }
+ if (ttl <= 0) {
+ ttl = 300;
+ }
+ timestampEl = new WSSecTimestamp();
+ timestampEl.setTimeToLive(ttl);
+ timestampEl.prepare(saaj.getSOAPPart());
for (AssertionInfo ai : ais) {
- timestampEl = new WSSecTimestamp();
- Object o =
message.getContextualProperty(SecurityConstants.TIMESTAMP_TTL);
- int ttl = 300; //default is 300 seconds
- if (o instanceof Number) {
- ttl = ((Number)o).intValue();
- } else if (o instanceof String) {
- ttl = Integer.parseInt((String)o);
- }
- if (ttl <= 0) {
- ttl = 300;
- }
- timestampEl.setTimeToLive(ttl);
- timestampEl.prepare(saaj.getSOAPPart());
ai.setAsserted(true);
}
}
@@ -1162,31 +1162,13 @@ public abstract class AbstractBindingBui
}
}
- @SuppressWarnings("unchecked")
public void setEncryptionUser(WSSecEncryptedKey encrKeyBuilder,
TokenWrapper token,
boolean sign, Crypto crypto) {
String encrUser = (String)message.getContextualProperty(sign
?
SecurityConstants.SIGNATURE_USERNAME
:
SecurityConstants.ENCRYPT_USERNAME);
- if (crypto != null) {
- if (encrUser == null) {
- encrUser = crypto.getDefaultX509Alias();
- }
- if (encrUser == null) {
- try {
- Enumeration<String> en = crypto.getKeyStore().aliases();
- if (en.hasMoreElements()) {
- encrUser = en.nextElement();
- }
- if (en.hasMoreElements()) {
- //more than one alias in the keystore, user WILL need
- //to specify
- encrUser = null;
- }
- } catch (KeyStoreException e) {
- //ignore
- }
- }
+ if (crypto != null && encrUser == null) {
+ encrUser = getDefaultCryptoAlias(crypto);
} else if (encrUser == null || "".equals(encrUser)) {
policyNotAsserted(token, "No " + (sign ? "signature" :
"encryption") + " crypto object found.");
}
@@ -1194,13 +1176,15 @@ public abstract class AbstractBindingBui
policyNotAsserted(token, "No " + (sign ? "signature" :
"encryption") + " username found.");
}
if (WSHandlerConstants.USE_REQ_SIG_CERT.equals(encrUser)) {
- Object resultsObj =
message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
- if (resultsObj != null) {
-
encrKeyBuilder.setUseThisCert(getReqSigCert((List<WSHandlerResult>)resultsObj));
+ List<WSHandlerResult> results =
+ CastUtils.cast((List<?>)
+
message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS));
+ if (results != null) {
+ encrKeyBuilder.setUseThisCert(getReqSigCert(results));
//TODO This is a hack, this should not come under
USE_REQ_SIG_CERT
if (encrKeyBuilder.isCertSet()) {
-
encrKeyBuilder.setUserInfo(getUsername((List<WSHandlerResult>)resultsObj));
+ encrKeyBuilder.setUserInfo(getUsername(results));
}
} else {
policyNotAsserted(token, "No security results in incoming
message");
@@ -1210,6 +1194,26 @@ public abstract class AbstractBindingBui
}
}
+ protected String getDefaultCryptoAlias(Crypto crypto) {
+ String user = crypto.getDefaultX509Alias();
+ if (user == null) {
+ try {
+ Enumeration<String> en = crypto.getKeyStore().aliases();
+ if (en.hasMoreElements()) {
+ user = en.nextElement();
+ }
+ if (en.hasMoreElements()) {
+ //more than one alias in the keystore, user WILL need
+ //to specify
+ user = null;
+ }
+ } catch (KeyStoreException e) {
+ //ignore
+ }
+ }
+ return user;
+ }
+
private static X509Certificate getReqSigCert(List<WSHandlerResult>
results) {
/*
* Scan the results for a matching actor. Use results only if the
@@ -1314,25 +1318,8 @@ public abstract class AbstractBindingBui
message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO,
crypto);
}
String user = (String)message.getContextualProperty(userNameKey);
- if (crypto != null) {
- if (StringUtils.isEmpty(user)) {
- user = crypto.getDefaultX509Alias();
- }
- if (user == null) {
- try {
- Enumeration<String> en = crypto.getKeyStore().aliases();
- if (en.hasMoreElements()) {
- user = en.nextElement();
- }
- if (en.hasMoreElements()) {
- //more than one alias in the keystore, user WILL need
- //to specify
- user = null;
- }
- } catch (KeyStoreException e) {
- //ignore
- }
- }
+ if (crypto != null && StringUtils.isEmpty(user)) {
+ user = getDefaultCryptoAlias(crypto);
}
if (StringUtils.isEmpty(user)) {
policyNotAsserted(token, "No " + type + " username found.");
@@ -1619,7 +1606,6 @@ public abstract class AbstractBindingBui
doEndorsedSignatures(sgndEndSuppTokMap, tokenProtect, sigProtect);
}
- @SuppressWarnings("unchecked")
protected void addSignatureConfirmation(List<WSEncryptionPart> sigParts) {
Wss10 wss10 = getWss10();
@@ -1630,7 +1616,8 @@ public abstract class AbstractBindingBui
}
List<WSHandlerResult> results =
-
(List<WSHandlerResult>)message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
+ CastUtils.cast((List<?>)
+
message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS));
/*
* loop over all results gathered by all handlers in the chain. For
each
* handler result get the various actions. After that loop we have all
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
Tue Nov 30 16:40:51 2010
@@ -34,6 +34,7 @@ import org.w3c.dom.Element;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.ws.policy.AssertionInfo;
import org.apache.cxf.ws.policy.AssertionInfoMap;
@@ -412,7 +413,6 @@ public class AsymmetricBindingHandler ex
}
}
- @SuppressWarnings("unchecked")
private void setupEncryptedKey(TokenWrapper wrapper, Token token) throws
WSSecurityException {
if (!isRequestor() && token.isDerivedKeys()) {
//If we already have them, simply return
@@ -421,10 +421,12 @@ public class AsymmetricBindingHandler ex
}
//Use the secret from the incoming EncryptedKey element
- Object resultsObj =
message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS);
- if (resultsObj != null) {
- encryptedKeyId =
getRequestEncryptedKeyId((List<WSHandlerResult>)resultsObj);
- encryptedKeyValue =
getRequestEncryptedKeyValue((List<WSHandlerResult>)resultsObj);
+ List<WSHandlerResult> results =
+ CastUtils.cast(
+
(List<?>)message.getExchange().getInMessage().get(WSHandlerConstants.RECV_RESULTS));
+ if (results != null) {
+ encryptedKeyId = getRequestEncryptedKeyId(results);
+ encryptedKeyValue = getRequestEncryptedKeyValue(results);
//In the case where we don't have the EncryptedKey in the
//request, for the control to have reached this state,
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Tue Nov 30 16:40:51 2010
@@ -33,6 +33,7 @@ import org.w3c.dom.Element;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.SecurityConstants;
@@ -745,11 +746,10 @@ public class SymmetricBindingHandler ext
return id;
}
- @SuppressWarnings("unchecked")
private String getEncryptedKey() {
- List<WSHandlerResult> results =
(List<WSHandlerResult>)message.getExchange().getInMessage()
- .get(WSHandlerConstants.RECV_RESULTS);
+ List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.getExchange().getInMessage()
+ .get(WSHandlerConstants.RECV_RESULTS));
for (WSHandlerResult rResult : results) {
List<WSSecurityEngineResult> wsSecEngineResults =
rResult.getResults();
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
Tue Nov 30 16:40:51 2010
@@ -338,9 +338,9 @@ public class TransportBindingHandler ext
if (secTok.getX509Certificate() != null
|| securityTok != null) {
//the "getX509Certificate" this is to workaround an issue in
WCF
- //In WCF, for TransportBinding, in most cases, it doesn't
wan't any of
- //the headers signed even if the policy sais so. HOWEVER,
for KeyValue
- //IssuedTokends, it DOES want them signed
+ //In WCF, for TransportBinding, in most cases, it doesn't want
any of
+ //the headers signed even if the policy says so. HOWEVER,
for KeyValue
+ //IssuedTokens, it DOES want them signed
for (Header header : signdParts.getHeaders()) {
WSEncryptionPart wep = new
WSEncryptionPart(header.getName(),
header.getNamespace(),
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
Tue Nov 30 16:40:51 2010
@@ -32,7 +32,6 @@ import org.apache.ws.security.processor.
*/
public class CustomProcessor implements Processor {
- @SuppressWarnings("unchecked")
public final void
handleToken(
final org.w3c.dom.Element elem,
@@ -40,10 +39,10 @@ public class CustomProcessor implements
final Crypto decCrypto,
final javax.security.auth.callback.CallbackHandler cb,
final WSDocInfo wsDocInfo,
- final java.util.List returnResults,
+ final java.util.List<WSSecurityEngineResult> returnResults,
final WSSConfig config
) throws WSSecurityException {
- final java.util.Map result =
+ final WSSecurityEngineResult result =
new WSSecurityEngineResult(
WSConstants.SIGN,
(SecurityContextToken) null
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
Tue Nov 30 16:40:51 2010
@@ -47,6 +47,7 @@ import org.apache.cxf.binding.Binding;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.feature.AbstractFeature;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.interceptor.AbstractAttributedInterceptorProvider;
import org.apache.cxf.message.Message;
import org.apache.cxf.service.Service;
@@ -942,14 +943,12 @@ public class PolicyBasedWss4JInOutTest e
assertNotNull(result);
}
- @SuppressWarnings("unchecked")
private void verifyWss4jEncResults(SoapMessage inmsg) {
//
// There should be exactly 1 (WSS4J) HandlerResult
//
final List<WSHandlerResult> handlerResults =
- (List<WSHandlerResult>) inmsg
- .get(WSHandlerConstants.RECV_RESULTS);
+
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
@@ -963,8 +962,8 @@ public class PolicyBasedWss4JInOutTest e
//
final Map<String, Object> result = (Map<String, Object>)
protectionResults
.get(0);
- final List<WSDataRef> protectedElements = (List<WSDataRef>) result
- .get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+ final List<WSDataRef> protectedElements =
+
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
assertNotNull(protectedElements);
}
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
Tue Nov 30 16:40:51 2010
@@ -34,6 +34,7 @@ import javax.xml.transform.dom.DOMSource
import org.w3c.dom.Document;
import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils.NullResolver;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.ExchangeImpl;
@@ -42,6 +43,7 @@ import org.apache.cxf.phase.PhaseInterce
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.handler.WSHandlerResult;
/**
@@ -58,7 +60,6 @@ public class SignatureConfirmationTest e
}
@org.junit.Test
- @SuppressWarnings("unchecked")
public void testSignatureConfirmationRequest() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -97,11 +98,9 @@ public class SignatureConfirmationTest e
//
// Save the signature for future confirmation
//
- Object sigv = msg.get(WSHandlerConstants.SEND_SIGV);
+ List<WSHandlerResult> sigv =
CastUtils.cast((List<?>)msg.get(WSHandlerConstants.SEND_SIGV));
assertNotNull(sigv);
- assertTrue(sigv instanceof List);
- assertTrue(((List<Object>)sigv).size() != 0);
- List<Object> sigSaved = (List<Object>)sigv;
+ assertTrue(sigv.size() != 0);
XMLStreamReader reader = StaxUtils.createXMLStreamReader(new
ByteArrayInputStream(docbytes));
@@ -135,17 +134,18 @@ public class SignatureConfirmationTest e
(WSSecurityEngineResult)
inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
assertNotNull(result);
- List<Object> sigReceived =
(List<Object>)inmsg.get(WSHandlerConstants.RECV_RESULTS);
+ List<WSHandlerResult> sigReceived =
+
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(sigReceived);
assertTrue(sigReceived.size() != 0);
- testSignatureConfirmationResponse(sigSaved, sigReceived);
+ testSignatureConfirmationResponse(sigv, sigReceived);
}
private void testSignatureConfirmationResponse(
- List<Object> sigSaved,
- List<Object> sigReceived
+ List<WSHandlerResult> sigSaved,
+ List<WSHandlerResult> sigReceived
) throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
Modified:
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java?rev=1040628&r1=1040627&r2=1040628&view=diff
==============================================================================
---
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
(original)
+++
cxf/sandbox/wss4j-1.6-port/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
Tue Nov 30 16:40:51 2010
@@ -42,6 +42,7 @@ import org.w3c.dom.Document;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.helpers.DOMUtils.NullResolver;
import org.apache.cxf.helpers.XMLUtils;
import org.apache.cxf.interceptor.Interceptor;
@@ -215,7 +216,6 @@ public class WSS4JInOutTest extends Abst
}
@Test
- @SuppressWarnings("unchecked")
public void testEncryption() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -281,7 +281,7 @@ public class WSS4JInOutTest extends Abst
// There should be exactly 1 (WSS4J) HandlerResult
//
final java.util.List<WSHandlerResult> handlerResults =
- (java.util.List<WSHandlerResult>)
inmsg.get(WSHandlerConstants.RECV_RESULTS);
+
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
//
@@ -298,8 +298,7 @@ public class WSS4JInOutTest extends Abst
final java.util.Map<String, Object> result =
(java.util.Map<String, Object>) protectionResults.get(0);
final java.util.List<WSDataRef> protectedElements =
- (java.util.List<WSDataRef>)
- result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
assertNotNull(protectedElements);
assertSame(protectedElements.size(), 1);
assertEquals(
@@ -312,7 +311,6 @@ public class WSS4JInOutTest extends Abst
}
@Test
- @SuppressWarnings("unchecked")
public void testEncryptedUsernameToken() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -387,7 +385,7 @@ public class WSS4JInOutTest extends Abst
// There should be exactly 1 (WSS4J) HandlerResult
//
final java.util.List<WSHandlerResult> handlerResults =
- (java.util.List<WSHandlerResult>)
inmsg.get(WSHandlerConstants.RECV_RESULTS);
+
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
@@ -401,6 +399,94 @@ public class WSS4JInOutTest extends Abst
}
@Test
+ public void testUsernameToken() throws Exception {
+ Document doc = readDocument("wsse-request-clean.xml");
+
+ WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
+ PhaseInterceptor<SoapMessage> handler =
ohandler.createEndingInterceptor();
+
+ SoapMessage msg = new SoapMessage(new MessageImpl());
+ Exchange ex = new ExchangeImpl();
+ ex.setInMessage(msg);
+
+ SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
+ SOAPPart part = saajMsg.getSOAPPart();
+ part.setContent(new DOMSource(doc));
+ saajMsg.saveChanges();
+
+ msg.setContent(SOAPMessage.class, saajMsg);
+
+ msg.put(
+ WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+ );
+ msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+ msg.put(WSHandlerConstants.USER, "alice");
+ msg.put("password", "alicePassword");
+
+ handler.handleMessage(msg);
+ doc = part;
+
+ assertValid("//wsse:Security", doc);
+
+ byte[] docbytes = getMessageBytes(doc);
+ XMLStreamReader reader = StaxUtils.createXMLStreamReader(new
ByteArrayInputStream(docbytes));
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+ dbf.setValidating(false);
+ dbf.setIgnoringComments(false);
+ dbf.setIgnoringElementContentWhitespace(true);
+ dbf.setNamespaceAware(true);
+
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ db.setEntityResolver(new NullResolver());
+ doc = StaxUtils.read(db, reader, false);
+
+ SoapMessage inmsg = new SoapMessage(new MessageImpl());
+ ex.setInMessage(inmsg);
+ inmsg.setContent(SOAPMessage.class, saajMsg);
+
+ //
+ // This should pass, as even though passwordType is set to digest, we
are
+ // overriding the default handler behaviour of requiring a strict
password
+ // type
+ WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
+ inHandler.setProperty(
+ WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+ );
+ inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_DIGEST);
+ inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE_STRICT,
"false");
+ inHandler.setProperty(
+ WSHandlerConstants.PW_CALLBACK_CLASS,
+ "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
+ );
+ inHandler.handleMessage(inmsg);
+
+ inmsg = new SoapMessage(new MessageImpl());
+ ex.setInMessage(inmsg);
+ inmsg.setContent(SOAPMessage.class, saajMsg);
+
+ //
+ // This should fail, as we are requiring a digest password type
+ //
+ inHandler = new WSS4JInInterceptor();
+ inHandler.setProperty(
+ WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+ );
+ inHandler.setProperty(
+ WSHandlerConstants.PW_CALLBACK_CLASS,
+ "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
+ );
+ inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE,
WSConstants.PW_DIGEST);
+ try {
+ inHandler.handleMessage(inmsg);
+ fail("Expected failure on password digest");
+ } catch (org.apache.cxf.interceptor.Fault fault) {
+ // expected
+ }
+ }
+
+ @Test
public void testCustomProcessor() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
@@ -464,7 +550,6 @@ public class WSS4JInOutTest extends Abst
assertNull(result);
}
-
@Test
public void testCustomProcessorObject() throws Exception {
Document doc = readDocument("wsse-request-clean.xml");
