se...

coheigea Fri, 11 Feb 2011 08:34:14 -0800

Modified: 
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/TransportBindingHandler.java
 Fri Feb 11 16:33:46 2011
@@ -19,9 +19,11 @@
 
 package org.apache.cxf.ws.security.wss4j.policyhandlers;
 
+import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Vector;
+import java.util.List;
 
+import javax.xml.crypto.dsig.Reference;
 import javax.xml.soap.SOAPMessage;
 
 import org.w3c.dom.Document;
@@ -102,11 +104,13 @@ public class TransportBindingHandler ext
         }
         
     }
-    private static void addSig(Vector<byte[]> signatureValues, byte[] val) {
+    
+    private static void addSig(List<byte[]> signatureValues, byte[] val) {
         if (val != null) {
             signatureValues.add(val);
         }
     }
+    
     public void handleBinding() {
         Collection<AssertionInfo> ais;
         WSSecTimestamp timestamp = createTimestamp();
@@ -114,7 +118,7 @@ public class TransportBindingHandler ext
         
         try {
             if (this.isRequestor()) {
-                Vector<byte[]> signatureValues = new Vector<byte[]>();
+                List<byte[]> signatureValues = new ArrayList<byte[]>();
 
                 ais = aim.get(SP12Constants.SIGNED_SUPPORTING_TOKENS);
                 if (ais != null) {
@@ -213,23 +217,25 @@ public class TransportBindingHandler ext
     }
     
 
-    private byte[] doX509TokenSignature(Token token, SignedEncryptedParts 
signdParts,
+    private byte[] doX509TokenSignature(Token token, SignedEncryptedParts 
signedParts,
                                         TokenWrapper wrapper) 
         throws Exception {
         
         Document doc = saaj.getSOAPPart();
         
-        Vector<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> sigParts = new ArrayList<WSEncryptionPart>();
         
         if (timestampEl != null) {
-            sigParts.add(new WSEncryptionPart(timestampEl.getId()));           
               
+            WSEncryptionPart timestampPart = 
convertToEncryptionPart(timestampEl.getElement());
+            sigParts.add(timestampPart);                          
         }
         
-        if (signdParts != null) {
-            if (signdParts.isBody()) {
-                sigParts.add(new 
WSEncryptionPart(addWsuIdToElement(saaj.getSOAPBody())));
+        if (signedParts != null) {
+            if (signedParts.isBody()) {
+                WSEncryptionPart bodyPart = 
convertToEncryptionPart(saaj.getSOAPBody());
+                sigParts.add(bodyPart);
             }
-            for (Header header : signdParts.getHeaders()) {
+            for (Header header : signedParts.getHeaders()) {
                 WSEncryptionPart wep = new WSEncryptionPart(header.getName(), 
                         header.getNamespace(),
                         "Content");
@@ -262,24 +268,27 @@ public class TransportBindingHandler ext
             */
             
             dkSig.setParts(sigParts);
-            dkSig.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = 
dkSig.addReferencesToSign(sigParts, secHeader);
             
             //Do signature
-            dkSig.computeSignature();
-            
             dkSig.appendDKElementToHeader(secHeader);
-            dkSig.appendSigToHeader(secHeader);
+            dkSig.computeSignature(referenceList, false, null);
             
             return dkSig.getSignatureValue();
         } else {
-            WSSecSignature sig = getSignatureBuider(wrapper, token, false);
+            WSSecSignature sig = getSignatureBuilder(wrapper, token, false);
             if (sig != null) {
                 sig.prependBSTElementToHeader(secHeader);
             
-                sig.addReferencesToSign(sigParts, secHeader);
-                insertBeforeBottomUp(sig.getSignatureElement());
-            
-                sig.computeSignature();
+                List<Reference> referenceList = 
sig.addReferencesToSign(sigParts, secHeader);
+                
+                if (bottomUpElement == null) {
+                    sig.computeSignature(referenceList, false, null);
+                } else {
+                    sig.computeSignature(referenceList, true, bottomUpElement);
+                }
+                bottomUpElement = sig.getSignatureElement();
+                mainSigId = sig.getId();
             
                 return sig.getSignatureValue();
             } else {
@@ -303,7 +312,7 @@ public class TransportBindingHandler ext
         SPConstants.IncludeTokenType inclusion = token.getInclusion();
         boolean tokenIncluded = false;
         
-        Vector<WSEncryptionPart> sigParts = new Vector<WSEncryptionPart>();
+        List<WSEncryptionPart> sigParts = new ArrayList<WSEncryptionPart>();
         if (inclusion == SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS
             || ((inclusion == 
SPConstants.IncludeTokenType.INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT 
                 || inclusion == 
SPConstants.IncludeTokenType.INCLUDE_TOKEN_ONCE) 
@@ -322,19 +331,21 @@ public class TransportBindingHandler ext
         }
         
         if (timestampEl != null) {
-            sigParts.add(new WSEncryptionPart(timestampEl.getId()));           
               
+            WSEncryptionPart timestampPart = 
convertToEncryptionPart(timestampEl.getElement());
+            sigParts.add(timestampPart);                          
         }
         
         if (signdParts != null) {
             if (signdParts.isBody()) {
-                sigParts.add(new 
WSEncryptionPart(addWsuIdToElement(saaj.getSOAPBody())));
+                WSEncryptionPart bodyPart = 
convertToEncryptionPart(saaj.getSOAPBody());
+                sigParts.add(bodyPart);
             }
             if (secTok.getX509Certificate() != null
                 || securityTok != null) {
                 //the "getX509Certificate" this is to workaround an issue in 
WCF
-                //In WCF, for TransportBinding, in most cases, it doesn't 
wan't any of
-                //the headers signed even if the policy sais so.   HOWEVER, 
for KeyValue
-                //IssuedTokends, it DOES want them signed
+                //In WCF, for TransportBinding, in most cases, it doesn't want 
any of
+                //the headers signed even if the policy says so.   HOWEVER, 
for KeyValue
+                //IssuedTokens, it DOES want them signed
                 for (Header header : signdParts.getHeaders()) {
                     WSEncryptionPart wep = new 
WSEncryptionPart(header.getName(), 
                             header.getNamespace(),
@@ -364,7 +375,7 @@ public class TransportBindingHandler ext
                 dkSign.setExternalKey(secTok.getSecret(), secTok.getId());
             }
           
-            //    Set the algo info
+            // Set the algo info
             
dkSign.setSignatureAlgorithm(algorithmSuite.getSymmetricSignature());
             
dkSign.setDerivedKeyLength(algorithmSuite.getSignatureDerivedKeyLength() / 8);
             if (token.getSPConstants() == SP12Constants.INSTANCE) {
@@ -375,20 +386,18 @@ public class TransportBindingHandler ext
             addDerivedKeyElement(dkSign.getdktElement());
           
             dkSign.setParts(sigParts);
-            dkSign.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = 
dkSign.addReferencesToSign(sigParts, secHeader);
           
             //Do signature
-            dkSign.computeSignature();
-          
-            dkSign.appendSigToHeader(secHeader);
+            dkSign.computeSignature(referenceList, false, null);
           
             return dkSign.getSignatureValue();
         } else {
             WSSecSignature sig = new WSSecSignature();
             if (secTok.getTokenType() == null) {
                 sig.setCustomTokenId(secTok.getId());
-                sig.setCustomTokenValueType(WSConstants.WSS_SAML_NS
-                                            + WSConstants.SAML_ASSERTION_ID);
+                // TODO Add support for SAML2 here
+                
sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
                 sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
             } else {
                 String id = secTok.getWsuId();
@@ -425,14 +434,17 @@ public class TransportBindingHandler ext
             sig.prepare(doc, crypto, secHeader);
 
             sig.setParts(sigParts);
-            sig.addReferencesToSign(sigParts, secHeader);
+            List<Reference> referenceList = sig.addReferencesToSign(sigParts, 
secHeader);
 
             //Do signature
-            sig.computeSignature();
-
-            //Add elements to header
-            insertBeforeBottomUp(sig.getSignatureElement());
-
+            if (bottomUpElement == null) {
+                sig.computeSignature(referenceList, false, null);
+            } else {
+                sig.computeSignature(referenceList, true, bottomUpElement);
+            }
+            bottomUpElement = sig.getSignatureElement();
+            mainSigId = sig.getId();
+        
             return sig.getSignatureValue();
         }
     }


Modified: 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CustomProcessor.java
 Fri Feb 11 16:33:46 2011
@@ -26,33 +26,33 @@ import org.apache.ws.security.WSSecurity
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.message.token.SecurityContextToken;
 import org.apache.ws.security.processor.Processor;
+import org.apache.ws.security.validate.Validator;
 
 /**
  * a custom processor that inserts itself into the results vector
  */
 public class CustomProcessor implements Processor {
     
-    @SuppressWarnings("unchecked")
-    public final void 
+    public final java.util.List<WSSecurityEngineResult> 
     handleToken(
         final org.w3c.dom.Element elem, 
         final Crypto crypto, 
         final Crypto decCrypto,
         final javax.security.auth.callback.CallbackHandler cb, 
         final WSDocInfo wsDocInfo, 
-        final java.util.Vector returnResults,
         final WSSConfig config
     ) throws WSSecurityException {
-        final java.util.Map result = 
+        final WSSecurityEngineResult result = 
             new WSSecurityEngineResult(
                 WSConstants.SIGN, 
                 (SecurityContextToken) null
             );
         result.put("foo", this);
-        returnResults.add(result);
+        return java.util.Collections.singletonList(result);
     }
-
-    public final String getId() {
-        return getClass().getName();
+    
+    public void setValidator(Validator validator) {
+        //
     }
+
 }

Modified: 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWss4JInOutTest.java
 Fri Feb 11 16:33:46 2011
@@ -47,6 +47,7 @@ import org.apache.cxf.binding.Binding;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.endpoint.Endpoint;
 import org.apache.cxf.feature.AbstractFeature;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.AbstractAttributedInterceptorProvider;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.service.Service;
@@ -942,18 +943,16 @@ public class PolicyBasedWss4JInOutTest e
         assertNotNull(result);
     }
     
-    @SuppressWarnings("unchecked")
     private void verifyWss4jEncResults(SoapMessage inmsg) {
         //
         // There should be exactly 1 (WSS4J) HandlerResult
         //
         final List<WSHandlerResult> handlerResults = 
-            (List<WSHandlerResult>) inmsg
-                .get(WSHandlerConstants.RECV_RESULTS);
+            
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         assertNotNull(handlerResults);
         assertSame(handlerResults.size(), 1);
 
-        Vector<Object> protectionResults = new Vector<Object>();
+        List<WSSecurityEngineResult> protectionResults = new 
Vector<WSSecurityEngineResult>();
         
WSSecurityUtil.fetchAllActionResults(handlerResults.get(0).getResults(),
                 WSConstants.ENCR, protectionResults);
         assertNotNull(protectionResults);
@@ -963,8 +962,8 @@ public class PolicyBasedWss4JInOutTest e
         //
         final Map<String, Object> result = (Map<String, Object>) 
protectionResults
                 .get(0);
-        final List<WSDataRef> protectedElements = (List<WSDataRef>) result
-                .get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+        final List<WSDataRef> protectedElements = 
+            
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
         assertNotNull(protectedElements);
     }
     

Modified: 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/SignatureConfirmationTest.java
 Fri Feb 11 16:33:46 2011
@@ -34,6 +34,7 @@ import javax.xml.transform.dom.DOMSource
 import org.w3c.dom.Document;
 
 import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.DOMUtils.NullResolver;
 import org.apache.cxf.message.Exchange;
 import org.apache.cxf.message.ExchangeImpl;
@@ -42,6 +43,7 @@ import org.apache.cxf.phase.PhaseInterce
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.handler.WSHandlerResult;
 
 
 /**
@@ -58,7 +60,6 @@ public class SignatureConfirmationTest e
     }
     
     @org.junit.Test
-    @SuppressWarnings("unchecked")
     public void testSignatureConfirmationRequest() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
@@ -97,11 +98,9 @@ public class SignatureConfirmationTest e
         //
         // Save the signature for future confirmation
         //
-        Object sigv = msg.get(WSHandlerConstants.SEND_SIGV);
+        List<WSHandlerResult> sigv = 
CastUtils.cast((List<?>)msg.get(WSHandlerConstants.SEND_SIGV));
         assertNotNull(sigv);
-        assertTrue(sigv instanceof List);
-        assertTrue(((List<Object>)sigv).size() != 0);
-        List<Object> sigSaved = (List<Object>)sigv;
+        assertTrue(sigv.size() != 0);
         
         XMLStreamReader reader = StaxUtils.createXMLStreamReader(new 
ByteArrayInputStream(docbytes));
 
@@ -135,17 +134,18 @@ public class SignatureConfirmationTest e
             (WSSecurityEngineResult) 
inmsg.get(WSS4JInInterceptor.SIGNATURE_RESULT);
         assertNotNull(result);
         
-        List<Object> sigReceived = 
(List<Object>)inmsg.get(WSHandlerConstants.RECV_RESULTS);
+        List<WSHandlerResult> sigReceived = 
+            
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         assertNotNull(sigReceived);
         assertTrue(sigReceived.size() != 0);
         
-        testSignatureConfirmationResponse(sigSaved, sigReceived);
+        testSignatureConfirmationResponse(sigv, sigReceived);
     }
     
    
     private void testSignatureConfirmationResponse(
-        List<Object> sigSaved,
-        List<Object> sigReceived
+        List<WSHandlerResult> sigSaved,
+        List<WSHandlerResult> sigReceived
     ) throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 

Modified: 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JInOutTest.java
 Fri Feb 11 16:33:46 2011
@@ -42,6 +42,7 @@ import org.w3c.dom.Document;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor;
 import org.apache.cxf.binding.soap.saaj.SAAJInInterceptor;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.DOMUtils.NullResolver;
 import org.apache.cxf.helpers.XMLUtils;
 import org.apache.cxf.interceptor.Interceptor;
@@ -215,7 +216,6 @@ public class WSS4JInOutTest extends Abst
     }
     
     @Test
-    @SuppressWarnings("unchecked")
     public void testEncryption() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
@@ -281,14 +281,14 @@ public class WSS4JInOutTest extends Abst
         // There should be exactly 1 (WSS4J) HandlerResult
         //
         final java.util.List<WSHandlerResult> handlerResults = 
-            (java.util.List<WSHandlerResult>) 
inmsg.get(WSHandlerConstants.RECV_RESULTS);
+            
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         assertNotNull(handlerResults);
         assertSame(handlerResults.size(), 1);
         //
         // This should contain exactly 1 protection result
         //
-        final java.util.List<Object> protectionResults =
-            (java.util.List<Object>) handlerResults.get(0).getResults();
+        final java.util.List<WSSecurityEngineResult> protectionResults =
+            (java.util.List<WSSecurityEngineResult>) 
handlerResults.get(0).getResults();
         assertNotNull(protectionResults);
         assertSame(protectionResults.size(), 1);
         //
@@ -298,8 +298,7 @@ public class WSS4JInOutTest extends Abst
         final java.util.Map<String, Object> result =
             (java.util.Map<String, Object>) protectionResults.get(0);
         final java.util.List<WSDataRef> protectedElements =
-            (java.util.List<WSDataRef>) 
-                result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+            
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
         assertNotNull(protectedElements);
         assertSame(protectedElements.size(), 1);
         assertEquals(
@@ -312,7 +311,6 @@ public class WSS4JInOutTest extends Abst
     }
     
     @Test
-    @SuppressWarnings("unchecked")
     public void testEncryptedUsernameToken() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
@@ -387,20 +385,108 @@ public class WSS4JInOutTest extends Abst
         // There should be exactly 1 (WSS4J) HandlerResult
         //
         final java.util.List<WSHandlerResult> handlerResults = 
-            (java.util.List<WSHandlerResult>) 
inmsg.get(WSHandlerConstants.RECV_RESULTS);
+            
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
         assertNotNull(handlerResults);
         assertSame(handlerResults.size(), 1);
         
         //
         // This should contain exactly 2 protection results
         //
-        final java.util.List<Object> protectionResults =
-            (java.util.List<Object>) handlerResults.get(0).getResults();
+        final java.util.List<WSSecurityEngineResult> protectionResults =
+            (java.util.List<WSSecurityEngineResult>) 
handlerResults.get(0).getResults();
         assertNotNull(protectionResults);
         assertSame(protectionResults.size(), 2);
     }
     
     @Test
+    public void testUsernameToken() throws Exception {
+        Document doc = readDocument("wsse-request-clean.xml");
+
+        WSS4JOutInterceptor ohandler = new WSS4JOutInterceptor();
+        PhaseInterceptor<SoapMessage> handler = 
ohandler.createEndingInterceptor();
+
+        SoapMessage msg = new SoapMessage(new MessageImpl());
+        Exchange ex = new ExchangeImpl();
+        ex.setInMessage(msg);
+        
+        SOAPMessage saajMsg = MessageFactory.newInstance().createMessage();
+        SOAPPart part = saajMsg.getSOAPPart();
+        part.setContent(new DOMSource(doc));
+        saajMsg.saveChanges();
+
+        msg.setContent(SOAPMessage.class, saajMsg);
+        
+        msg.put(
+            WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+        );
+        msg.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
+        msg.put(WSHandlerConstants.USER, "alice");
+        msg.put("password", "alicePassword");
+
+        handler.handleMessage(msg);
+        doc = part;
+
+        assertValid("//wsse:Security", doc);
+
+        byte[] docbytes = getMessageBytes(doc);
+        XMLStreamReader reader = StaxUtils.createXMLStreamReader(new 
ByteArrayInputStream(docbytes));
+
+        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+
+        dbf.setValidating(false);
+        dbf.setIgnoringComments(false);
+        dbf.setIgnoringElementContentWhitespace(true);
+        dbf.setNamespaceAware(true);
+
+        DocumentBuilder db = dbf.newDocumentBuilder();
+        db.setEntityResolver(new NullResolver());
+        doc = StaxUtils.read(db, reader, false);
+
+        SoapMessage inmsg = new SoapMessage(new MessageImpl());
+        ex.setInMessage(inmsg);
+        inmsg.setContent(SOAPMessage.class, saajMsg);
+
+        //
+        // This should pass, as even though passwordType is set to digest, we 
are 
+        // overriding the default handler behaviour of requiring a strict 
password
+        // type
+        WSS4JInInterceptor inHandler = new WSS4JInInterceptor();
+        inHandler.setProperty(
+            WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+        );
+        inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE, 
WSConstants.PW_DIGEST);
+        inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE_STRICT, 
"false");
+        inHandler.setProperty(
+            WSHandlerConstants.PW_CALLBACK_CLASS, 
+            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
+        );
+        inHandler.handleMessage(inmsg);
+        
+        inmsg = new SoapMessage(new MessageImpl());
+        ex.setInMessage(inmsg);
+        inmsg.setContent(SOAPMessage.class, saajMsg);
+        
+        //
+        // This should fail, as we are requiring a digest password type
+        //
+        inHandler = new WSS4JInInterceptor();
+        inHandler.setProperty(
+            WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN
+        );
+        inHandler.setProperty(
+            WSHandlerConstants.PW_CALLBACK_CLASS, 
+            "org.apache.cxf.ws.security.wss4j.TestPwdCallback"
+        );
+        inHandler.setProperty(WSHandlerConstants.PASSWORD_TYPE, 
WSConstants.PW_DIGEST);
+        try {
+            inHandler.handleMessage(inmsg);
+            fail("Expected failure on password digest");
+        } catch (org.apache.cxf.interceptor.Fault fault) {
+            // expected
+        }
+    }
+    
+    @Test
     public void testCustomProcessor() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
 
@@ -464,7 +550,6 @@ public class WSS4JInOutTest extends Abst
         assertNull(result);
     }
     
-    
     @Test
     public void testCustomProcessorObject() throws Exception {
         Document doc = readDocument("wsse-request-clean.xml");
@@ -516,7 +601,7 @@ public class WSS4JInOutTest extends Abst
                 WSConstants.SIG_NS,
                 WSConstants.SIG_LN
             ),
-            new CustomProcessor()
+            CustomProcessor.class
         );
         properties.put(
             WSS4JInInterceptor.PROCESSOR_MAP,

Modified: 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
 (original)
+++ 
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptorTest.java
 Fri Feb 11 16:33:46 2011
@@ -219,7 +219,7 @@ public class WSS4JOutInterceptorTest ext
         }
         
         try {
-            customActions.put(new Object(), action);
+            customActions.put(new Object(), CountingUsernameTokenAction.class);
             handler.handleMessage(msg);
         } catch (SoapFault e) {
             assertEquals("An invalid action configuration was defined.", 
e.getMessage());

Modified: cxf/trunk/systests/databinding/src/test/resources/aegisJaxWsBeans.xml
URL: 
http://svn.apache.org/viewvc/cxf/trunk/systests/databinding/src/test/resources/aegisJaxWsBeans.xml?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- cxf/trunk/systests/databinding/src/test/resources/aegisJaxWsBeans.xml 
(original)
+++ cxf/trunk/systests/databinding/src/test/resources/aegisJaxWsBeans.xml Fri 
Feb 11 16:33:46 2011
@@ -78,7 +78,7 @@ http://cxf.apache.org/core http://cxf.ap
                        <constructor-arg>
                                <map>
                                        <entry key="action" 
value="UsernameToken"/>
-                                       <entry key="passwordType" 
value="PasswordText"/>
+                                       <entry key="passwordType" 
value="PasswordDigest"/>
                                        <entry key="passwordCallbackRef">
                                         <ref bean="myPasswordCallback"/>
                                        </entry>
@@ -91,4 +91,4 @@ http://cxf.apache.org/core http://cxf.ap
                  <entry key="mtom-enabled" value="true" />
                </jaxws:properties>
        </jaxws:endpoint>
-</beans>
\ No newline at end of file
+</beans>

Modified: 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssc/server/Server.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssc/server/Server.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssc/server/Server.java
 (original)
+++ 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssc/server/Server.java
 Fri Feb 11 16:33:46 2011
@@ -28,7 +28,6 @@ import org.apache.cxf.bus.spring.SpringB
 import org.apache.cxf.systest.ws.wssc.client.KeystorePasswordCallback;
 import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
 import org.apache.cxf.ws.security.SecurityConstants;
-import org.apache.ws.security.WSSConfig;
 
 
 public class Server extends AbstractBusTestServerBase {
@@ -86,7 +85,6 @@ public class Server extends AbstractBusT
     
     protected void run()  {
         try {
-            WSSConfig.getDefaultWSConfig();
             new Server("http://localhost:"; + PORT + "/");
             Bus busLocal = new SpringBusFactory().createBus(
                     "org/apache/cxf/systest/ws/wssc/server/server.xml");
@@ -119,7 +117,6 @@ public class Server extends AbstractBusT
     }
     
     public static void main(String args[]) throws Exception {
-        WSSConfig.getDefaultWSConfig();
         new 
SpringBusFactory().createBus("org/apache/cxf/systest/ws/wssc/server/server.xml");
         new Server("http://localhost:9001/";);
         System.out.println("Server ready...");

Modified: 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/UTPasswordCallback.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/UTPasswordCallback.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/UTPasswordCallback.java
 (original)
+++ 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec10/server/UTPasswordCallback.java
 Fri Feb 11 16:33:46 2011
@@ -50,15 +50,8 @@ public class UTPasswordCallback implemen
     public void handle(Callback[] callbacks) throws IOException, 
UnsupportedCallbackException {
         for (int i = 0; i < callbacks.length; i++) {
             WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
-            String sentPassword = pc.getPassword();
             String pass = passwords.get(pc.getIdentifier());
-            if (sentPassword == null) {
-                throw new IOException("Reveived password from clienthas null 
value");
-            }
-            if (pass == null) {
-                throw new IOException("Unknown username sent from client");
-            }
-            if (pass.equals(sentPassword)) {
+            if (pass != null) {
                 pc.setPassword(pass);
                 return;
             }

Modified: 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec11/server/KeystorePasswordCallback.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec11/server/KeystorePasswordCallback.java?rev=1069865&r1=1069864&r2=1069865&view=diff
==============================================================================
--- 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec11/server/KeystorePasswordCallback.java
 (original)
+++ 
cxf/trunk/systests/ws-specs/src/test/java/org/apache/cxf/systest/ws/wssec11/server/KeystorePasswordCallback.java
 Fri Feb 11 16:33:46 2011
@@ -42,6 +42,7 @@ public class KeystorePasswordCallback im
         passwords.put("alice", "password");
         passwords.put("Bob", "abcd!1234");
         passwords.put("bob", "password");
+        passwords.put("abcd", "dcba");
     }
 
     /**
@@ -56,8 +57,6 @@ public class KeystorePasswordCallback im
             if (pass != null) {
                 pc.setPassword(pass);
                 return;
-            } else {
-                pc.setPassword("password");
             }
         }
     }

svn commit: r1069865 [3/3] - in /cxf/trunk: ./ distribution/src/main/release/samples/ws_security/interopfest/wssc/src/main/java/interop/client/ distribution/src/main/release/samples/ws_security/interopfest/wssec11/src/main/java/interop/server/ rt/ws/se...

Reply via email to