[CXF-6883] - Crypto caching issues in the WS-Security code
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4bce078f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4bce078f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4bce078f Branch: refs/heads/master-jaxrs-2.1 Commit: 4bce078fa98db0a64acf8017196fbcc7eadaa3a1 Parents: 64b8dbc Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Apr 26 14:20:31 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Apr 26 14:21:32 2016 +0100 ---------------------------------------------------------------------- .../wss4j/policyhandlers/AbstractBindingBuilder.java | 8 +++++++- .../wss4j/policyhandlers/SymmetricBindingHandler.java | 1 - 2 files changed, 7 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/4bce078f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index 27254df..335f1ef 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -309,6 +309,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle Map<Object, Crypto> o = CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE)); if (o == null) { + o = CastUtils.cast((Map<?, ?>)info.getProperty(CRYPTO_CACHE)); + } + if (o == null) { o = new ConcurrentHashMap<>(); info.setProperty(CRYPTO_CACHE, o); } @@ -1507,6 +1510,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle crypto.verifyTrust(certs, enableRevocation, null); } } + if (crypto != null) { + this.message.getExchange().put(SecurityConstants.ENCRYPT_CRYPTO, crypto); + } return crypto; } @@ -1777,7 +1783,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle crypto = getEncryptionCrypto(); } - if (!endorse) { + if (!encryptCrypto) { message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto); } String user = (String)SecurityUtils.getSecurityPropertyValue(userNameKey, message); http://git-wip-us.apache.org/repos/asf/cxf/blob/4bce078f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java index 46e5301..b785898 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java @@ -545,7 +545,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder { encr.setEphemeralKey(encrTok.getSecret()); Crypto crypto = getEncryptionCrypto(); if (crypto != null) { - this.message.getExchange().put(SecurityConstants.ENCRYPT_CRYPTO, crypto); setEncryptionUser(encr, encrToken, false, crypto); }
