Author: asoldano
Date: Sun Oct 14 10:58:27 2012
New Revision: 1398052
URL: http://svn.apache.org/viewvc?rev=1398052&view=rev
Log:
[CXF-4561] Allow disabling WSI-BSP compliance in UsernameTokenInterceptor
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java?rev=1398052&r1=1398051&r2=1398052&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java
Sun Oct 14 10:58:27 2012
@@ -170,6 +170,7 @@ public class UsernameTokenInterceptor ex
protected WSUsernameTokenPrincipal getPrincipal(Element tokenElement,
final SoapMessage message)
throws WSSecurityException {
+ boolean bspCompliant = isWsiBSPCompliant(message);
boolean utWithCallbacks =
MessageUtils.getContextualBoolean(message,
SecurityConstants.VALIDATE_TOKEN, true);
if (utWithCallbacks) {
@@ -188,21 +189,23 @@ public class UsernameTokenInterceptor ex
return (Validator)validator;
}
};
- data.setWssConfig(WSSConfig.getNewInstance());
+ WSSConfig config = WSSConfig.getNewInstance();
+ config.setWsiBSPCompliant(bspCompliant);
+ data.setWssConfig(config);
List<WSSecurityEngineResult> results =
p.handleToken(tokenElement, data, wsDocInfo);
return
(WSUsernameTokenPrincipal)results.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
} else {
- WSUsernameTokenPrincipal principal =
parseTokenAndCreatePrincipal(tokenElement);
+ WSUsernameTokenPrincipal principal =
parseTokenAndCreatePrincipal(tokenElement, bspCompliant);
WSS4JTokenConverter.convertToken(message, principal);
return principal;
}
}
- protected WSUsernameTokenPrincipal parseTokenAndCreatePrincipal(Element
tokenElement)
+ protected WSUsernameTokenPrincipal parseTokenAndCreatePrincipal(Element
tokenElement, boolean bspCompliant)
throws WSSecurityException {
org.apache.ws.security.message.token.UsernameToken ut =
- new
org.apache.ws.security.message.token.UsernameToken(tokenElement);
+ new
org.apache.ws.security.message.token.UsernameToken(tokenElement, false,
bspCompliant);
WSUsernameTokenPrincipal principal = new
WSUsernameTokenPrincipal(ut.getName(), ut.isHashed());
principal.setNonce(ut.getNonce());
@@ -213,6 +216,12 @@ public class UsernameTokenInterceptor ex
return principal;
}
+ protected boolean isWsiBSPCompliant(final SoapMessage message) {
+ String bspc =
(String)message.getContextualProperty(SecurityConstants.IS_BSP_COMPLIANT);
+ // Default to WSI-BSP compliance enabled
+ return !("false".equals(bspc) || "0".equals(bspc));
+ }
+
protected SecurityContext createSecurityContext(final Principal p, Subject
subject) {
return new DefaultSecurityContext(p, subject);
}
