Author: asoldano
Date: Fri May 11 14:42:00 2012
New Revision: 1337187
URL: http://svn.apache.org/viewvc?rev=1337187&view=rev
Log:
[CXF-4308] Add option for disabling STS client WS-MEX invocation using WSA EPR
address
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/sts/STSClientTest.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java?rev=1337187&r1=1337186&r2=1337187&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
Fri May 11 14:42:00 2012
@@ -190,6 +190,13 @@ public final class SecurityConstants {
"org.apache.cxf.ws.security.tokenstore.TokenStore";
+ /**
+ * Set this property to avoid STS client trying send WS-MetadataExchange
call using
+ * STS EPR WSA address when the endpoint contract contains no
WS-MetadataExchange info.
+ */
+ public static final String DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS
=
+ "ws-security.sts.disable-wsmex-call-using-epr-address";
+
public static final Set<String> ALL_PROPERTIES;
static {
@@ -207,7 +214,7 @@ public final class SecurityConstants {
KERBEROS_JAAS_CONTEXT_NAME, KERBEROS_SPN, SPNEGO_CLIENT_ACTION,
ENABLE_NONCE_CACHE, NONCE_CACHE_INSTANCE, ENABLE_TIMESTAMP_CACHE,
TIMESTAMP_CACHE_INSTANCE, CACHE_CONFIG_FILE,
TOKEN_STORE_CACHE_INSTANCE,
- SAML_ROLE_ATTRIBUTENAME
+ SAML_ROLE_ATTRIBUTENAME,
DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS
}));
ALL_PROPERTIES = Collections.unmodifiableSet(s);
}
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1337187&r1=1337186&r2=1337187&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Fri May 11 14:42:00 2012
@@ -450,7 +450,7 @@ public class STSClient implements Config
return client;
}
- public void configureViaEPR(EndpointReferenceType ref) {
+ public void configureViaEPR(EndpointReferenceType ref, boolean
useEPRWSAAddrAsMEXLocation) {
if (client != null) {
return;
}
@@ -467,7 +467,7 @@ public class STSClient implements Config
if (wsdlLoc != null) {
wsdlLocation = wsdlLoc;
}
- String mexLoc = findMEXLocation(ref);
+ String mexLoc = findMEXLocation(ref, useEPRWSAAddrAsMEXLocation);
if (mexLoc != null) {
try {
JaxWsProxyFactoryBean proxyFac = new JaxWsProxyFactoryBean();
@@ -505,7 +505,7 @@ public class STSClient implements Config
}
}
}
- protected String findMEXLocation(EndpointReferenceType ref) {
+ protected String findMEXLocation(EndpointReferenceType ref, boolean
useEPRWSAAddrAsMEXLocation) {
if (ref.getMetadata() != null && ref.getMetadata().getAny() != null) {
for (Object any : ref.getMetadata().getAny()) {
if (any instanceof Element) {
@@ -516,7 +516,7 @@ public class STSClient implements Config
}
}
}
- return null;
+ return useEPRWSAAddrAsMEXLocation ?
EndpointReferenceUtils.getAddress(ref) : null;
}
protected String findMEXLocation(Element ref) {
Element el = DOMUtils.getFirstElement(ref);
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java?rev=1337187&r1=1337186&r2=1337187&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSUtils.java
Fri May 11 14:42:00 2012
@@ -112,7 +112,9 @@ public final class STSUtils {
client.setBeanName(ep.getEndpointInfo().getName().toString() +
type);
if (itok.getIssuerEpr() != null) {
//configure via mex
- client.configureViaEPR(itok.getIssuerEpr());
+ boolean useEPRWSAAddrAsMEXLocation =
!Boolean.valueOf((String)message
+
.getContextualProperty(SecurityConstants.DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS));
+ client.configureViaEPR(itok.getIssuerEpr(),
useEPRWSAAddrAsMEXLocation);
}
}
return client;
Modified:
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/sts/STSClientTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/sts/STSClientTest.java?rev=1337187&r1=1337186&r2=1337187&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/sts/STSClientTest.java
(original)
+++
cxf/trunk/rt/ws/security/src/test/java/org/apache/cxf/ws/security/sts/STSClientTest.java
Fri May 11 14:42:00 2012
@@ -53,7 +53,7 @@ public class STSClientTest extends Asser
Bus bus = BusFactory.getThreadDefaultBus();
STSClient client = new STSClient(bus);
- client.configureViaEPR(ref);
+ client.configureViaEPR(ref, false);
assertEquals("http://localhost:8080/jaxws-samples-wsse-policy-trust-sts/SecurityTokenService?wsdl";,
client.getWsdlLocation());
