This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch 3.1.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 252ec7178b51f7df9217f9977f55453ec137cd97 Author: Colm O hEigeartaigh <[email protected]> AuthorDate: Tue Mar 27 14:02:14 2018 +0100 CXF-7691 - Make it possible to add two security headers using WSS4JOutInterceptor (cherry picked from commit c02442840de4e8820c4df14a8cead58d5b86d5ec) # Conflicts: # rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java --- .../cxf/ws/security/wss4j/WSS4JOutInterceptor.java | 18 ++++++++- .../apache/cxf/systest/ws/action/ActionTest.java | 46 ++++++++++++++++++++++ .../cxf/systest/ws/action/DoubleItAction.wsdl | 3 ++ .../org/apache/cxf/systest/ws/action/server.xml | 14 +++++++ 4 files changed, 79 insertions(+), 2 deletions(-) diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java index 0b9a2b2..e41a91e 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JOutInterceptor.java @@ -23,6 +23,7 @@ import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Map; +import java.util.Random; import java.util.Set; import java.util.logging.Level; import java.util.logging.Logger; @@ -109,7 +110,14 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { if (mc.getContent(SOAPMessage.class) == null) { saajOut.handleMessage(mc); } - + + // If a custom Id has been set, then change the Id for the internal interceptor as well, as otherwise + // we can't add two WSS4JOutInterceptor instances to the interceptor chain. + if (!WSS4JOutInterceptor.class.getName().equals(getId())) { + Random random = new Random(); + int randomInt = random.nextInt(); + ending.setId(WSS4JOutInterceptorInternal.class.getName() + "_" + randomInt); + } mc.getInterceptorChain().add(ending); } public void handleFault(SoapMessage message) { @@ -122,6 +130,8 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { final class WSS4JOutInterceptorInternal implements PhaseInterceptor<SoapMessage> { + private String id = WSS4JOutInterceptorInternal.class.getName(); + WSS4JOutInterceptorInternal() { super(); } @@ -282,7 +292,11 @@ public class WSS4JOutInterceptor extends AbstractWSS4JInterceptor { } public String getId() { - return WSS4JOutInterceptorInternal.class.getName(); + return id; + } + + public void setId(String id) { + this.id = id; } public String getPhase() { diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java index 3beb473..5e95499 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java @@ -532,6 +532,52 @@ public class ActionTest extends AbstractBusClientServerTestBase { } @org.junit.Test + public void testSignatureProgrammaticMultipleActors() throws Exception { + + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = ActionTest.class.getResource("client.xml"); + + Bus bus = bf.createBus(busFile.toString()); + BusFactory.setDefaultBus(bus); + BusFactory.setThreadDefaultBus(bus); + + URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); + Service service = Service.create(wsdl, SERVICE_QNAME); + QName portQName = new QName(NAMESPACE, "DoubleItSignatureConfigPort2"); + + DoubleItPortType port = + service.getPort(portQName, DoubleItPortType.class); + updateAddressPort(port, PORT); + Client client = ClientProxy.getClient(port); + + // Add a UsernameToken for the "dave" actor + Map<String, Object> props = new HashMap<>(); + props.put(ConfigurationConstants.ACTION, "UsernameToken"); + props.put(ConfigurationConstants.ACTOR, "dave"); + props.put(ConfigurationConstants.USER, "alice"); + props.put(ConfigurationConstants.PW_CALLBACK_REF, new KeystorePasswordCallback()); + WSS4JOutInterceptor outInterceptor = new WSS4JOutInterceptor(props); + client.getOutInterceptors().add(outInterceptor); + + // Add a Signature for the "bob" actor - this is what the service is expecting + Map<String, Object> props2 = new HashMap<>(); + props2.put(ConfigurationConstants.ACTION, "Signature"); + props2.put(ConfigurationConstants.ACTOR, "bob"); + props2.put(ConfigurationConstants.SIGNATURE_USER, "alice"); + props2.put(ConfigurationConstants.PW_CALLBACK_REF, new KeystorePasswordCallback()); + props2.put(ConfigurationConstants.SIG_KEY_ID, "DirectReference"); + props2.put(ConfigurationConstants.SIG_PROP_FILE, "alice.properties"); + outInterceptor = new WSS4JOutInterceptor(props2); + outInterceptor.setId("WSS4JOutInterceptor2"); + client.getOutInterceptors().add(outInterceptor); + + assertEquals(50, port.doubleIt(25)); + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + @org.junit.Test public void testSignatureDispatchPayload() throws Exception { SpringBusFactory bf = new SpringBusFactory(); diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl index 5060aa3..9c50b4d 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/DoubleItAction.wsdl @@ -87,6 +87,9 @@ <wsdl:port name="DoubleItSignatureConfigPort" binding="tns:DoubleItNoSecurityBinding"> <soap:address location="http://localhost:9001/DoubleItSignatureConfig"/> </wsdl:port> + <wsdl:port name="DoubleItSignatureConfigPort2" binding="tns:DoubleItNoSecurityBinding"> + <soap:address location="http://localhost:9001/DoubleItSignatureConfig2"/> + </wsdl:port> </wsdl:service> </wsdl:definitions> diff --git a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml index d1230be..faf2f35 100644 --- a/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml +++ b/systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/action/server.xml @@ -298,4 +298,18 @@ </jaxws:inInterceptors> </jaxws:endpoint> + <jaxws:endpoint xmlns:s="http://www.example.org/contract/DoubleIt"; id="SignatureConfig2" address="http://localhost:${testutil.ports.action.Server}/DoubleItSignatureConfig2"; serviceName="s:DoubleItService" endpointName="s:DoubleItSignatureConfigPort2" implementor="org.apache.cxf.systest.ws.common.DoubleItImpl" wsdlLocation="org/apache/cxf/systest/ws/action/DoubleItAction.wsdl"> + <jaxws:inInterceptors> + <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> + <constructor-arg> + <map> + <entry key="action" value="Signature"/> + <entry key="actor" value="bob"/> + <entry key="signatureVerificationPropFile" value="bob.properties"/> + </map> + </constructor-arg> + </bean> + </jaxws:inInterceptors> + </jaxws:endpoint> + </beans> -- To stop receiving notification emails like this one, please contact [email protected].
