Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java?rev=1050460&r1=1050459&r2=1050460&view=diff ============================================================================== --- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java (original) +++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java Fri Dec 17 18:01:29 2010 
@@ -37,35 +37,34 @@ import javax.security.auth.callback.Call import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; import java.io.IOException; -import java.security.Principal; import java.util.List; public class UsernameTokenProcessor implements Processor { private static Log log = LogFactory.getLog(UsernameTokenProcessor.class.getName()); - private String utId; - private UsernameToken ut; - private boolean handleCustomPasswordTypes; - private boolean allowNamespaceQualifiedPasswordTypes; - private boolean passwordsAreEncoded; - private WSSConfig wssConfig; - - public void handleToken(Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb, - WSDocInfo wsDocInfo, List<WSSecurityEngineResult> returnResults, WSSConfig wsc) throws WSSecurityException { + public List<WSSecurityEngineResult> handleToken( + Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb, + WSDocInfo wsDocInfo, WSSConfig wsc + ) throws WSSecurityException { if (log.isDebugEnabled()) { log.debug("Found UsernameToken list element"); } - handleCustomPasswordTypes = wsc.getHandleCustomPasswordTypes(); - allowNamespaceQualifiedPasswordTypes = wsc.getAllowNamespaceQualifiedPasswordTypes(); - passwordsAreEncoded = wsc.getPasswordsAreEncoded(); - wssConfig = wsc; - - Principal lastPrincipalFound = handleUsernameToken(elem, cb); - returnResults.add( - 0, - new WSSecurityEngineResult(WSConstants.UT, lastPrincipalFound, null, null, null) - ); - utId = ut.getID(); + + UsernameToken token = handleUsernameToken(elem, cb, wsc); + + WSUsernameTokenPrincipal principal = + new WSUsernameTokenPrincipal(token.getName(), token.isHashed()); + principal.setNonce(token.getNonce()); + principal.setPassword(token.getPassword()); + principal.setCreatedTime(token.getCreated()); + principal.setPasswordType(token.getPasswordType()); + + WSSecurityEngineResult result = + new WSSecurityEngineResult(WSConstants.UT, token, principal); + 
result.put(WSSecurityEngineResult.TAG_ID, token.getID()); + wsDocInfo.addTokenElement(elem); + wsDocInfo.addResult(result); + return java.util.Collections.singletonList(result); } /** @@ -82,19 +81,34 @@ public class UsernameTokenProcessor impl * * @param token the DOM element that contains the UsernameToken * @param cb the reference to the callback object - * @return WSUsernameTokenPrincipal that contain data that an application - * may use to further validate the password/user combination. + * @param wssConfig The WSSConfig object from which to obtain configuration + * @return UsernameToken the UsernameToken object that was parsed * @throws WSSecurityException */ - public WSUsernameTokenPrincipal handleUsernameToken(Element token, CallbackHandler cb) - throws WSSecurityException { + public UsernameToken + handleUsernameToken( + Element token, + CallbackHandler cb, + WSSConfig wssConfig + ) throws WSSecurityException { if (cb == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "noCallback"); } + boolean handleCustomPasswordTypes = false; + boolean allowNamespaceQualifiedPasswordTypes = false; + boolean passwordsAreEncoded = false; + + if (wssConfig != null) { + handleCustomPasswordTypes = wssConfig.getHandleCustomPasswordTypes(); + allowNamespaceQualifiedPasswordTypes = + wssConfig.getAllowNamespaceQualifiedPasswordTypes(); + passwordsAreEncoded = wssConfig.getPasswordsAreEncoded(); + } + // // Parse the UsernameToken element // - ut = new UsernameToken(token, allowNamespaceQualifiedPasswordTypes); + UsernameToken ut = new UsernameToken(token, allowNamespaceQualifiedPasswordTypes); ut.setPasswordsAreEncoded(passwordsAreEncoded); String user = ut.getName(); String password = ut.getPassword(); 
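Review bot: The new `handleToken` dereferences `wsDocInfo` unconditionally at `wsDocInfo.addTokenElement(elem);` and `wsDocInfo.addResult(result);`, while the same commit makes a null `WSSConfig` tolerated in `handleUsernameToken`, so any caller that still passes a null `WSDocInfo` would fail with a NullPointerException only after `handleUsernameToken` has run. Either wrap the two calls in `if (wsDocInfo != null) { ... }` or state the non-null requirement in a Javadoc on the method, which has none in this hunk. That Javadoc should also record that the method both returns the result and registers it, together with the element, in `wsDocInfo`. It is worth noting there that the result holds the principal populated by `principal.setPassword(token.getPassword())`, so consumers should treat the result as sensitive.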
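Review bot: The Javadoc line added for `wssConfig` does not say that null is accepted, yet the new `if (wssConfig != null)` block makes that a supported case in which `handleCustomPasswordTypes`, `allowNamespaceQualifiedPasswordTypes` and `passwordsAreEncoded` all stay `false`. Because these flags appear to control which password forms the token parsing accepts, the fallback should be spelled out, e.g. `@param wssConfig the WSSConfig to read password-handling options from; may be null, in which case all three options are disabled`. The `@return` line could drop the repeated type name: `@return the parsed UsernameToken`. The method body continues past the end of this hunk, so how the flags are used further down is not visible here.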
@@ -194,42 +208,8 @@ public class UsernameTokenProcessor impl String origPassword = pwCb.getPassword(); ut.setRawPassword(origPassword); } - WSUsernameTokenPrincipal principal = new WSUsernameTokenPrincipal(user, ut.isHashed()); - principal.setNonce(nonce); - principal.setPassword(password); - principal.setCreatedTime(createdTime); - principal.setPasswordType(pwType); - - return principal; - } - /* (non-Javadoc) - * @see org.apache.ws.security.processor.Processor#getId() - */ - public String getId() { - return utId; - } - - /** - * Get the processed UsernameToken. - * - * @return the ut - */ - public UsernameToken getUt() { return ut; - } - - public byte[] getDerivedKey(CallbackHandler cb) throws WSSecurityException { - String password = ut.getRawPassword(); - if (password == null) { - password = ""; - } - byte[] saltValue = ut.getSalt(); - int iteration = ut.getIteration(); - if (passwordsAreEncoded) { - return UsernameToken.generateDerivedKey(Base64.decode(password), saltValue, iteration); - } else { - return UsernameToken.generateDerivedKey(password, saltValue, iteration); - } } + }
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java?rev=1050460&r1=1050459&r2=1050460&view=diff ============================================================================== --- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java (original) +++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java Fri Dec 17 18:01:29 2010 @@ -22,8 +22,10 @@ package org.apache.ws.security.saml; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.ws.security.WSConstants; +import org.apache.ws.security.WSDocInfo; import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; +import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.processor.EncryptedKeyProcessor; 
@@ -116,9 +118,14 @@ public class SAMLUtil { QName el = new QName(node.getNamespaceURI(), node.getLocalName()); if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) { EncryptedKeyProcessor proc = new EncryptedKeyProcessor(); - proc.handleEncryptedKey((Element)node, cb, crypto, null); - - return new SAMLKeyInfo(assertion, proc.getDecryptedBytes()); + WSDocInfo docInfo = new WSDocInfo(node.getOwnerDocument()); + List<WSSecurityEngineResult> result = + proc.handleToken((Element)node, null, crypto, cb, docInfo, null); + byte[] secret = + (byte[])result.get(0).get( + WSSecurityEngineResult.TAG_DECRYPTED_KEY + ); + return new SAMLKeyInfo(assertion, secret); } else if (el.equals(new QName(WSConstants.WST_NS, "BinarySecret"))) { Text txt = (Text)node.getFirstChild(); return new SAMLKeyInfo(assertion, Base64.decode(txt.getData())); Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/transform/STRTransformUtil.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/transform/STRTransformUtil.java?rev=1050460&r1=1050459&r2=1050460&view=diff ============================================================================== --- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/transform/STRTransformUtil.java (original) +++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/transform/STRTransformUtil.java Fri Dec 17 18:01:29 2010 @@ -29,9 +29,6 @@ import org.apache.ws.security.WSDocInfo; import org.apache.ws.security.WSSecurityException; import org.apache.ws.security.message.token.SecurityTokenReference; import org.apache.ws.security.message.token.X509Security; -import org.apache.ws.security.processor.BinarySecurityTokenProcessor; -import org.apache.ws.security.processor.Processor; -import org.apache.ws.security.processor.SAMLTokenProcessor; import org.apache.ws.security.util.Base64; import org.apache.ws.security.util.WSSecurityUtil; import org.w3c.dom.Document; 
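Review bot: `result.get(0).get(WSSecurityEngineResult.TAG_DECRYPTED_KEY)` is used without checking that `handleToken` returned a non-empty list or that the entry actually holds a key, so an empty list raises an unchecked exception from `get(0)` and a missing key ends in `new SAMLKeyInfo(assertion, null)`. On a key-extraction path it is safer to fail explicitly: test `if (result == null || result.isEmpty())` before indexing and `if (secret == null)` after the cast, throwing a `WSSecurityException` in both cases. The call also passes `null` for the trailing `WSSConfig` argument; whether `EncryptedKeyProcessor.handleToken` tolerates that is not visible in this diff and should be confirmed. The enclosing method starts and ends outside the hunk.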
@@ -70,21 +67,7 @@ public class STRTransformUtil { if (log.isDebugEnabled()) { log.debug("STR: Reference"); } - org.apache.ws.security.message.token.Reference ref = secRef.getReference(); - - String uri = ref.getURI(); - if (uri.charAt(0) == '#') { - uri = uri.substring(1); - } - Processor processor = wsDocInfo.getProcessor(uri); - - if (processor == null) { - return secRef.getTokenElement(doc, wsDocInfo, null); - } else if (processor instanceof BinarySecurityTokenProcessor) { - return ((BinarySecurityTokenProcessor)processor).getToken().getElement(); - } else if (processor instanceof SAMLTokenProcessor) { - return ((SAMLTokenProcessor)processor).getSamlTokenElement(); - } + return secRef.getTokenElement(doc, wsDocInfo, null); } // // second case: IssuerSerial, lookup in keystore, wrap in BST according Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomProcessor.java URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomProcessor.java?rev=1050460&r1=1050459&r2=1050460&view=diff ============================================================================== --- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomProcessor.java (original) +++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/common/CustomProcessor.java Fri Dec 17 18:01:29 2010 @@ -33,14 +33,13 @@ import org.apache.ws.security.WSSecurity */ public class CustomProcessor implements Processor { - public final void + public final java.util.List<WSSecurityEngineResult> handleToken( final org.w3c.dom.Element elem, final Crypto crypto, final Crypto decCrypto, final javax.security.auth.callback.CallbackHandler cb, final WSDocInfo wsDocInfo, - final java.util.List<WSSecurityEngineResult> returnResults, final WSSConfig config ) throws WSSecurityException { final WSSecurityEngineResult result = 
@@ -49,10 +48,6 @@ public class CustomProcessor implements (SecurityContextToken) null ); result.put("foo", this); - returnResults.add(result); - } - - public final String getId() { - return getClass().getName(); + return java.util.Collections.singletonList(result); } }
