Repository: cxf Updated Branches: refs/heads/master 988fcce01 -> bceee342b
Some updates from WSS4J Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bceee342 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bceee342 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bceee342 Branch: refs/heads/master Commit: bceee342b32f3704ca75176d06067f90c6d3fbdc Parents: 988fcce Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Thu Jan 14 11:57:59 2016 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Thu Jan 14 11:57:59 2016 +0000 ---------------------------------------------------------------------- .../security/trust/STSStaxTokenValidator.java | 14 +++++++------- .../security/wss4j/WSS4JStaxInInterceptor.java | 14 +++++++------- .../cxf/ws/security/wss4j/WSS4JUtils.java | 2 +- .../AbstractStaxBindingHandler.java | 20 ++++++++++---------- .../StaxAsymmetricBindingHandler.java | 4 ++-- .../StaxSymmetricBindingHandler.java | 4 ++-- 6 files changed, 29 insertions(+), 29 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java index a51a6f1..b70fdcf 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java @@ -160,11 +160,11 @@ public class STSStaxTokenValidator // If the UsernameToken is to be used for key derivation, the (1.1) // spec says that it cannot contain a password, and it must contain // an Iteration element - final byte[] salt = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse11_Salt); + final byte[] salt = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE11_SALT); PasswordString passwordType = - XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse_Password); + XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE_PASSWORD); final Long iteration = - XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_wsse11_Iteration); + XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), WSSConstants.TAG_WSSE11_ITERATION); if (salt != null && (passwordType != null || iteration == null)) { throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN, "badTokenType01"); } @@ -206,7 +206,7 @@ public class STSStaxTokenValidator final EncodedString encodedNonce = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), - WSSConstants.TAG_wsse_Nonce); + WSSConstants.TAG_WSSE_NONCE); byte[] nonceVal = null; if (encodedNonce != null && encodedNonce.getValue() != null) { nonceVal = Base64.decodeBase64(encodedNonce.getValue()); @@ -214,7 +214,7 @@ public class STSStaxTokenValidator final AttributedDateTime attributedDateTimeCreated = XMLSecurityUtils.getQNameType(usernameTokenType.getAny(), - WSSConstants.TAG_wsu_Created); + WSSConstants.TAG_WSU_CREATED); String created = null; if (attributedDateTimeCreated != null) { @@ -492,7 +492,7 @@ public class STSStaxTokenValidator x509PKIPathv1SecurityToken.setElementPath(tokenContext.getElementPath()); x509PKIPathv1SecurityToken.setXMLSecEvent(tokenContext.getFirstXMLSecEvent()); return x509PKIPathv1SecurityToken; - } else if (WSSConstants.NS_GSS_Kerberos5_AP_REQ.equals(binarySecurityTokenType.getValueType())) { + } else if (WSSConstants.NS_GSS_KERBEROS5_AP_REQ.equals(binarySecurityTokenType.getValueType())) { KerberosServiceSecurityTokenImpl kerberosServiceSecurityToken = new KerberosServiceSecurityTokenImpl( tokenContext.getWsSecurityContext(), @@ -540,7 +540,7 @@ public class STSStaxTokenValidator binarySecurity = new X509Security(doc); } else if (WSSConstants.NS_X509PKIPathv1.equals(binarySecurityTokenType.getValueType())) { binarySecurity = new PKIPathSecurity(doc); - } else if (WSSConstants.NS_GSS_Kerberos5_AP_REQ.equals(binarySecurityTokenType.getValueType())) { + } else if (WSSConstants.NS_GSS_KERBEROS5_AP_REQ.equals(binarySecurityTokenType.getValueType())) { binarySecurity = new KerberosSecurity(doc); } else { throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY_TOKEN); http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java index 58a4955..b855505 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JStaxInInterceptor.java @@ -368,15 +368,15 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor { ) throws WSSecurityException { Validator validator = loadValidator(SecurityConstants.SAML1_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_saml_Assertion, validator); + properties.addValidator(WSSConstants.TAG_SAML_ASSERTION, validator); } validator = loadValidator(SecurityConstants.SAML2_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_saml2_Assertion, validator); + properties.addValidator(WSSConstants.TAG_SAML2_ASSERTION, validator); } validator = loadValidator(SecurityConstants.USERNAME_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_wsse_UsernameToken, validator); + properties.addValidator(WSSConstants.TAG_WSSE_USERNAME_TOKEN, validator); } validator = loadValidator(SecurityConstants.SIGNATURE_TOKEN_VALIDATOR, message); if (validator != null) { @@ -384,16 +384,16 @@ public class WSS4JStaxInInterceptor extends AbstractWSS4JStaxInterceptor { } validator = loadValidator(SecurityConstants.TIMESTAMP_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_wsu_Timestamp, validator); + properties.addValidator(WSSConstants.TAG_WSU_TIMESTAMP, validator); } validator = loadValidator(SecurityConstants.BST_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_wsse_BinarySecurityToken, validator); + properties.addValidator(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, validator); } validator = loadValidator(SecurityConstants.SCT_TOKEN_VALIDATOR, message); if (validator != null) { - properties.addValidator(WSSConstants.TAG_wsc0502_SecurityContextToken, validator); - properties.addValidator(WSSConstants.TAG_wsc0512_SecurityContextToken, validator); + properties.addValidator(WSSConstants.TAG_WSC0502_SCT, validator); + properties.addValidator(WSSConstants.TAG_WSC0512_SCT, validator); } } http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java index b3f3dd4..f54680f 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JUtils.java @@ -157,7 +157,7 @@ public final class WSS4JUtils { if (securityToken.getTokenType() == WSSecurityTokenConstants.EncryptedKeyToken) { cachedTok.setTokenType(WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE); } else if (securityToken.getTokenType() == WSSecurityTokenConstants.KerberosToken) { - cachedTok.setTokenType(WSSConstants.NS_GSS_Kerberos5_AP_REQ); + cachedTok.setTokenType(WSSConstants.NS_GSS_KERBEROS5_AP_REQ); } else if (securityToken.getTokenType() == WSSecurityTokenConstants.Saml11Token) { cachedTok.setTokenType(WSSConstants.NS_SAML11_TOKEN_PROFILE_TYPE); } else if (securityToken.getTokenType() == WSSecurityTokenConstants.Saml20Token) { http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java index 779407a..4940b99 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractStaxBindingHandler.java @@ -171,7 +171,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa } } - return new SecurePart(WSSConstants.TAG_wsse_UsernameToken, Modifier.Element); + return new SecurePart(WSSConstants.TAG_WSSE_USERNAME_TOKEN, Modifier.Element); } private static class UTCallbackHandler implements CallbackHandler { @@ -265,7 +265,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa } */ - SecurePart securePart = new SecurePart(WSSConstants.TAG_wsse_BinarySecurityToken, Modifier.Element); + SecurePart securePart = new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element); securePart.setIdToSign(wss4jToken.getId()); return securePart; @@ -304,10 +304,10 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa } properties.addAction(actionToPerform); - QName qname = WSSConstants.TAG_saml2_Assertion; + QName qname = WSSConstants.TAG_SAML2_ASSERTION; SamlTokenType tokenType = token.getSamlTokenType(); if (tokenType == SamlTokenType.WssSamlV11Token10 || tokenType == SamlTokenType.WssSamlV11Token11) { - qname = WSSConstants.TAG_saml_Assertion; + qname = WSSConstants.TAG_SAML_ASSERTION; } return new SecurePart(qname, Modifier.Element); @@ -362,9 +362,9 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa }; properties.setSamlCallbackHandler(callbackHandler); - QName qname = WSSConstants.TAG_saml2_Assertion; + QName qname = WSSConstants.TAG_SAML2_ASSERTION; if (WSConstants.SAML_NS.equals(el.getNamespaceURI())) { - qname = WSSConstants.TAG_saml_Assertion; + qname = WSSConstants.TAG_SAML_ASSERTION; } return new SecurePart(qname, Modifier.Element); @@ -671,7 +671,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa configureSignature(token, false); if (suppTokens.isEncryptedToken()) { SecurePart part = - new SecurePart(WSSConstants.TAG_wsse_BinarySecurityToken, Modifier.Element); + new SecurePart(WSSConstants.TAG_WSSE_BINARY_SECURITY_TOKEN, Modifier.Element); encryptedTokensList.add(part); } ret.put(token, new SecurePart(WSSConstants.TAG_dsig_Signature, Modifier.Element)); @@ -777,8 +777,8 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa List<WSSConstants.Action> actionList = properties.getActions(); // Don't add a signed SAML Token as a part, as it will be automatically signed by WSS4J - if (!((WSSConstants.TAG_saml_Assertion.equals(name) - || WSSConstants.TAG_saml2_Assertion.equals(name)) + if (!((WSSConstants.TAG_SAML_ASSERTION.equals(name) + || WSSConstants.TAG_SAML2_ASSERTION.equals(name)) && actionList != null && actionList.contains(WSSConstants.SAML_TOKEN_SIGNED))) { properties.addSignaturePart(part); } @@ -805,7 +805,7 @@ public abstract class AbstractStaxBindingHandler extends AbstractCommonBindingHa if (sigParts != null) { SecurePart securePart = - new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element); + new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element); sigParts.add(securePart); } signatureConfirmationAdded = true; http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java index 771c5e2..1a9c6cf 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxAsymmetricBindingHandler.java @@ -191,7 +191,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler { enc.add(part); if (signatureConfirmationAdded) { SecurePart securePart = - new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element); + new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element); enc.add(securePart); } assertPolicy( @@ -303,7 +303,7 @@ public class StaxAsymmetricBindingHandler extends AbstractStaxBindingHandler { encrParts.add(part); if (signatureConfirmationAdded) { SecurePart securePart = - new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element); + new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element); encrParts.add(securePart); } assertPolicy( http://git-wip-us.apache.org/repos/asf/cxf/blob/bceee342/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java index aa4137f..9a42984 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/StaxSymmetricBindingHandler.java @@ -238,7 +238,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler { new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element); encrParts.add(part); if (signatureConfirmationAdded) { - part = new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element); + part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element); encrParts.add(part); } assertPolicy( @@ -376,7 +376,7 @@ public class StaxSymmetricBindingHandler extends AbstractStaxBindingHandler { new SecurePart(new QName(WSSConstants.NS_DSIG, "Signature"), Modifier.Element); enc.add(part); if (signatureConfirmationAdded) { - part = new SecurePart(WSSConstants.TAG_wsse11_SignatureConfirmation, Modifier.Element); + part = new SecurePart(WSSConstants.TAG_WSSE11_SIG_CONF, Modifier.Element); enc.add(part); } assertPolicy(