Author: coheigea
Date: Wed Feb 16 13:58:05 2011
New Revision: 1071255
URL: http://svn.apache.org/viewvc?rev=1071255&view=rev
Log:
Setting the TokenType on the SecurityToken
- The SymmetricBinding now sets the correct token type pointing to a SAML
Assertion.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Wed Feb 16 13:58:05 2011
@@ -53,6 +53,7 @@ import org.apache.ws.security.WSConstant
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
/**
*
@@ -257,6 +258,14 @@ public class IssuedTokenInterceptorProvi
(java.util.Date)null
);
token.setSecret(secretKey);
+ AssertionWrapper assertionWrapper =
+
(AssertionWrapper)customPrincipal.getTokenObject();
+ if (assertionWrapper != null &&
assertionWrapper.getSaml1() != null) {
+
token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ } else if (assertionWrapper != null
+ && assertionWrapper.getSaml2() != null) {
+
token.setTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ }
return token;
}
}
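Review bot: The cast `(AssertionWrapper)customPrincipal.getTokenObject()` is unconditional, so a principal carrying any other kind of token object would raise a ClassCastException at this point instead of simply leaving the token type unset. The need for a cast suggests the accessor's declared type is broader than AssertionWrapper, though its signature is not visible in this hunk. Reading the value as `Object tokenObject = customPrincipal.getTokenObject();` and wrapping the two branches in `if (tokenObject instanceof AssertionWrapper) {` keeps the new behaviour for SAML assertions and ignores anything else. The enclosing method starts outside the hunk.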
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Wed Feb 16 13:58:05 2011
@@ -423,6 +423,7 @@ public class STSClient implements Config
boolean wroteKeySize = false;
String keyType = null;
+ String tokenType = null;
if (template != null) {
if (this.useSecondaryParameters()) {
@@ -437,6 +438,8 @@ public class STSClient implements Config
} else if ("KeySize".equals(tl.getLocalName())) {
wroteKeySize = true;
keySize = Integer.parseInt(DOMUtils.getContent(tl));
+ } else if ("TokenType".equals(tl.getLocalName())) {
+ tokenType = DOMUtils.getContent(tl);
}
tl = DOMUtils.getNextElement(tl);
}
@@ -485,6 +488,9 @@ public class STSClient implements Config
if (cert != null) {
token.setX509Certificate(cert, crypto);
}
+ if (tokenType != null) {
+ token.setTokenType(tokenType);
+ }
return token;
}
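Review bot: The `tokenType` set on the token here is the `TokenType` read from the request template (the hunk at line 437), not a value taken from the STS response, as far as these hunks show. If the STS issues a different token type than the template asks for, the SecurityToken carries the requested type, and SymmetricBindingHandler will then choose a key identifier value type that may not match the assertion actually returned. Consider preferring a `TokenType` from the response when one is present and falling back to the template value. If the current behaviour is intended, a comment such as `// token type as requested in the policy template; the STS response is not consulted` would make that explicit. The enclosing method starts and ends outside these hunks.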
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=1071255&r1=1071254&r2=1071255&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Wed Feb 16 13:58:05 2011
@@ -517,13 +517,19 @@ public class SymmetricBindingHandler ext
}
} else {
if (encrToken instanceof IssuedToken) {
-
encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ String tokenType = encrTok.getTokenType();
+ if
(WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+
encr.setCustomReferenceValue(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+ } else if
(WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)) {
+
encr.setCustomReferenceValue(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+ } else {
+ encr.setCustomReferenceValue(tokenType);
+ }
}
}
- encr.prepare(saaj.getSOAPPart(),
- crypto);
+ encr.prepare(saaj.getSOAPPart(), crypto);
if (encr.getBSTTokenId() != null) {
encr.prependBSTElementToHeader(secHeader);
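Review bot: A token whose type was never set now reaches the final `else` and calls `encr.setCustomReferenceValue(tokenType)` with null, where the old code always used `WSConstants.WSS_SAML_KI_VALUE_TYPE` for an IssuedToken. The STSClient change in this commit only sets the type when the template has a `TokenType` element, so a null here looks reachable. The signature hunk at line 668 has the same gap: its previous null fallback to the SAML 1.1 value type with `CUSTOM_KEY_IDENTIFIER` is gone, and a null type now goes to `sig.setCustomTokenValueType(tokenType)`. Keeping the old default in both places would be `if (tokenType == null || WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {`. `encrTok` and the enclosing method are declared outside the hunk.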
@@ -668,13 +674,18 @@ public class SymmetricBindingHandler ext
sig.setEncrKeySha1value(tok.getSHA1());
sig.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
}
- } else if (tok.getTokenType() != null) {
- sig.setCustomTokenValueType(tok.getTokenType());
- sig.setKeyIdentifierType(type);
} else {
- // TODO Add support for SAML2 here
-
sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
- sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ String tokenType = tok.getTokenType();
+ if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)) {
+
sig.setCustomTokenValueType(WSConstants.WSS_SAML_KI_VALUE_TYPE);
+
sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ } else if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType))
{
+
sig.setCustomTokenValueType(WSConstants.WSS_SAML2_KI_VALUE_TYPE);
+
sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ } else {
+ sig.setCustomTokenValueType(tokenType);
+ sig.setKeyIdentifierType(type);
+ }
}
String sigTokId;