Author: coheigea
Date: Wed Feb 9 16:15:22 2011
New Revision: 1068958
URL: http://svn.apache.org/viewvc?rev=1068958&view=rev
Log:
[CXF-3321] - Added the ability to configure the STSClient via spring to send an
X509Certificate to the STS.
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1068958&r1=1068957&r2=1068958&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Wed Feb 9 16:15:22 2011
@@ -68,6 +68,8 @@ public final class SecurityConstants {
public static final String STS_TOKEN_CRYPTO =
"ws-security.sts.token.crypto";
public static final String STS_TOKEN_PROPERTIES =
"ws-security.sts.token.properties";
public static final String STS_TOKEN_USERNAME =
"ws-security.sts.token.username";
+ public static final String STS_TOKEN_USE_CERT_FOR_KEYINFO =
+ "ws-security.sts.token.usecert";
public static final String STS_TOKEN_DO_CANCEL =
"ws-security.sts.token.do.cancel";
@@ -82,7 +84,7 @@ public final class SecurityConstants {
ENCRYPT_USERNAME, ENCRYPT_PROPERTIES, ENCRYPT_CRYPTO,
TOKEN, TOKEN_ID, STS_CLIENT, STS_TOKEN_PROPERTIES,
STS_TOKEN_CRYPTO,
STS_TOKEN_DO_CANCEL, TIMESTAMP_TTL, ALWAYS_ENCRYPT_UT,
- STS_TOKEN_ACT_AS
+ STS_TOKEN_ACT_AS, STS_TOKEN_USERNAME,
STS_TOKEN_USE_CERT_FOR_KEYINFO
}));
ALL_PROPERTIES = Collections.unmodifiableSet(s);
}
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1068958&r1=1068957&r2=1068958&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Wed Feb 9 16:15:22 2011
@@ -525,7 +525,12 @@ public class STSClient implements Config
writer.writeStartElement("dsig", "KeyInfo",
"http://www.w3.org/2000/09/xmldsig#";);
writer.writeNamespace("dsig", "http://www.w3.org/2000/09/xmldsig#";);
- if (useCertificateForConfirmationKeyInfo) {
+ boolean useCert = useCertificateForConfirmationKeyInfo;
+ String useCertStr =
(String)getProperty(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO);
+ if (useCertStr != null) {
+ useCert = Boolean.parseBoolean(useCertStr);
+ }
+ if (useCert) {
X509Data certElem = new X509Data(writer.getDocument());
certElem.addCertificate(cert);
writer.getCurrentNode().appendChild(certElem.getElement());
