Author: ay
Date: Tue Aug 14 13:40:47 2012
New Revision: 1372880
URL: http://svn.apache.org/viewvc?rev=1372880&view=rev
Log:
Merged revisions 1372877 via svn merge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1372877 | ay | 2012-08-14 15:36:04 +0200 (Tue, 14 Aug 2012) | 1 line
[CXF-4469] 2.6.x rt-ws-security bundle is requiring opensaml
........
Added:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SAMLUtils.java
- copied unchanged from r1372877,
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SAMLUtils.java
Modified:
cxf/branches/2.6.x-fixes/ (props changed)
cxf/branches/2.6.x-fixes/rt/ws/security/pom.xml
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/pom.xml
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/pom.xml?rev=1372880&r1=1372879&r2=1372880&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/pom.xml (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/pom.xml Tue Aug 14 13:40:47 2012
@@ -34,6 +34,7 @@
<properties>
<cxf.osgi.import>
net.sf.ehcache*;resolution:=optional;version="[2.5, 3.0.0)",
+ org.opensaml*;resolution:=optional,
</cxf.osgi.import>
</properties>
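Review bot: The added `org.opensaml*;resolution:=optional,` import has no version range, unlike the ehcache entry directly above it, so in an OSGi container the bundle can wire to whichever opensaml export happens to be installed, including one the SAML code was never built or tested against. Constrain it in the same style, e.g. `org.opensaml*;resolution:=optional;version="[MIN, MAX)",` where MIN and MAX are placeholders for the range this branch actually builds against. Because the import is now optional, a short XML comment above the line would also help, stating that only the SAML-specific helper class may reference opensaml types; otherwise a later import in another class quietly turns this into a runtime NoClassDefFoundError.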
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1372880&r1=1372879&r2=1372880&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Tue Aug 14 13:40:47 2012
@@ -22,7 +22,6 @@ import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -81,14 +80,10 @@ import org.apache.ws.security.handler.WS
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.ws.security.message.token.SecurityTokenReference;
import org.apache.ws.security.processor.Processor;
-import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.ws.security.validate.NoOpValidator;
import org.apache.ws.security.validate.Validator;
-import org.opensaml.common.SAMLVersion;
-import org.opensaml.xml.XMLObject;
-
/**
* Performs WS-Security inbound actions.
*
@@ -481,7 +476,7 @@ public class WSS4JInInterceptor extends
if (!utWithCallbacks) {
WSS4JTokenConverter.convertToken(msg, p);
}
- AssertionWrapper receivedAssertion = null;
+ Object receivedAssertion = null;
List<String> roles = null;
if (o.get(WSSecurityEngineResult.TAG_SAML_ASSERTION) != null) {
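Review bot: `Object receivedAssertion = null;` has no comment explaining why the type was widened, so a later cleanup is likely to narrow it back to `AssertionWrapper` and reintroduce the hard opensaml requirement. That this commit is removing that requirement is inferred from the log message and the removed imports. Add a line above the declaration such as `// Object on purpose: no SAML types in this class, so the bundle resolves without opensaml (see SAMLUtils)`. The enclosing method starts and ends outside this hunk.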
@@ -490,13 +485,8 @@ public class WSS4JInInterceptor extends
if (roleAttributeName == null ||
roleAttributeName.length() == 0) {
roleAttributeName = SAML_ROLE_ATTRIBUTENAME_DEFAULT;
}
- receivedAssertion =
- (AssertionWrapper)
o.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- if
(receivedAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
- roles =
this.parseRolesInAssertion(receivedAssertion.getSaml2(), roleAttributeName);
- } else {
- roles =
this.parseRolesInAssertion(receivedAssertion.getSaml1(), roleAttributeName);
- }
+ receivedAssertion =
o.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+ roles = SAMLUtils.parseRolesInAssertion(receivedAssertion,
roleAttributeName);
msg.put(SecurityContext.class, createSecurityContext(p,
roles));
} else {
msg.put(SecurityContext.class, createSecurityContext(p));
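Review bot: Replacing `this.parseRolesInAssertion(...)` with the static `SAMLUtils.parseRolesInAssertion(receivedAssertion, roleAttributeName)` removes an extension point. The two overloads deleted in the last hunk were `protected`, so a subclass that overrode them to customise role extraction no longer affects the roles passed to `createSecurityContext(p, roles)`. On a fixes branch that is a silent change to authorization input. Consider keeping an opensaml-free hook and calling it here: `protected List<String> parseRolesInAssertion(Object assertion, String roleAttributeName) { return SAMLUtils.parseRolesInAssertion(assertion, roleAttributeName); }`. SAMLUtils is not shown on this page, so its handling of a value that is not an `AssertionWrapper`, and whether it still returns null when there are no attribute statements, should be confirmed and noted in its Javadoc. The surrounding block starts and ends outside this hunk.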
@@ -800,79 +790,6 @@ public class WSS4JInInterceptor extends
return fault;
}
- protected List<String>
parseRolesInAssertion(org.opensaml.saml1.core.Assertion assertion,
- String roleAttributeName) {
- List<org.opensaml.saml1.core.AttributeStatement> attributeStatements =
- assertion.getAttributeStatements();
- if (attributeStatements == null || attributeStatements.isEmpty()) {
- return null;
- }
- List<String> roles = new ArrayList<String>();
-
- for (org.opensaml.saml1.core.AttributeStatement statement :
attributeStatements) {
-
- List<org.opensaml.saml1.core.Attribute> attributes =
statement.getAttributes();
- for (org.opensaml.saml1.core.Attribute attribute : attributes) {
-
- if (attribute.getAttributeName().equals(roleAttributeName)) {
- for (XMLObject attributeValue :
attribute.getAttributeValues()) {
- Element attributeValueElement =
attributeValue.getDOM();
- String value = attributeValueElement.getTextContent();
- roles.add(value);
- }
- if (attribute.getAttributeValues().size() > 1) {
-// Don't search for other attributes with the same name
if
-// <saml:Attribute
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
-//
AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="roles">
-// <saml:AttributeValue>Value1</saml:AttributeValue>
-// <saml:AttributeValue>Value2</saml:AttributeValue>
-// </saml:Attribute>
- break;
- }
- }
-
- }
- }
- return Collections.unmodifiableList(roles);
- }
-
-
- protected List<String>
parseRolesInAssertion(org.opensaml.saml2.core.Assertion assertion,
- String roleAttributeName) {
- List<org.opensaml.saml2.core.AttributeStatement> attributeStatements =
- assertion.getAttributeStatements();
- if (attributeStatements == null || attributeStatements.isEmpty()) {
- return null;
- }
- List<String> roles = new ArrayList<String>();
-
- for (org.opensaml.saml2.core.AttributeStatement statement :
attributeStatements) {
-
- List<org.opensaml.saml2.core.Attribute> attributes =
statement.getAttributes();
- for (org.opensaml.saml2.core.Attribute attribute : attributes) {
-
- if (attribute.getName().equals(roleAttributeName)) {
- for (XMLObject attributeValue :
attribute.getAttributeValues()) {
- Element attributeValueElement =
attributeValue.getDOM();
- String value = attributeValueElement.getTextContent();
- roles.add(value);
- }
- if (attribute.getAttributeValues().size() > 1) {
-// Don't search for other attributes with the same name
if
-// <saml:Attribute
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
-//
AttributeNamespace="http://schemas.xmlsoap.org/claims" AttributeName="roles">
-// <saml:AttributeValue>Value1</saml:AttributeValue>
-// <saml:AttributeValue>Value2</saml:AttributeValue>
-// </saml:Attribute>
- break;
- }
- }
-
- }
- }
- return Collections.unmodifiableList(roles);
- }
-
static class CXFRequestData extends RequestData {
public CXFRequestData() {