Author: coheigea
Date: Fri Feb 18 16:24:36 2011
New Revision: 1072043
URL: http://svn.apache.org/viewvc?rev=1072043&view=rev
Log:
[WSS-254] - A fix for this issue.
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/DerivedKeyToken.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/EnvelopeIdResolver.java
Fri Feb 18 16:24:36 2011
@@ -21,8 +21,8 @@ package org.apache.ws.security.message;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSDocInfo;
-import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.util.WSSecurityUtil;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.utils.resolver.ResourceResolverException;
@@ -88,9 +88,18 @@ public class EnvelopeIdResolver extends
selectedElem = wsDocInfo.getTokenElement(id);
}
- if (selectedElem == null) {
- WSEncryptionPart part = new WSEncryptionPart(id);
- selectedElem = WSSecurityUtil.findElement(part,
uri.getOwnerDocument(), true);
+ if (selectedElem == null && (id != null || "".equals(id))) {
+ Element bodyElement =
WSSecurityUtil.findBodyElement(uri.getOwnerDocument());
+ String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
+ if (cId.equals(id)) {
+ selectedElem = bodyElement;
+ } else {
+ selectedElem=
+ WSSecurityUtil.findElementById(
+ uri.getOwnerDocument().getDocumentElement(), id, true
+ );
+ }
+
if (selectedElem == null) {
throw new ResourceResolverException("generic.EmptyMessage",
new Object[]{"Id: " + id + " not found"},
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
Fri Feb 18 16:24:36 2011
@@ -415,8 +415,8 @@ public class WSSecEncrypt extends WSSecE
//
// Get the data to encrypt.
//
- Element elementToEncrypt = WSSecurityUtil.findElement(encPart,
doc, false);
- if (elementToEncrypt == null) {
+ List<Element> elementsToEncrypt =
WSSecurityUtil.findElements(encPart, doc);
+ if (elementsToEncrypt == null || elementsToEncrypt.size() == 0) {
throw new WSSecurityException(
WSSecurityException.FAILURE,
"noEncElement",
@@ -425,73 +425,99 @@ public class WSSecEncrypt extends WSSecE
}
String modifier = encPart.getEncModifier();
- boolean content = modifier.equals("Content") ? true : false;
- //
- // Encrypt data, and set necessary attributes in xenc:EncryptedData
- //
- String xencEncryptedDataId =
- config.getIdAllocator().createId("ED-", elementToEncrypt);
- encPart.setEncId(xencEncryptedDataId);
- try {
- if (modifier.equals("Header")) {
- Element elem =
- doc.createElementNS(
- WSConstants.WSSE11_NS, "wsse11:" +
WSConstants.ENCRYPTED_HEADER
- );
- WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX);
- String wsuPrefix =
- WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS,
WSConstants.WSU_PREFIX);
- elem.setAttributeNS(
- WSConstants.WSU_NS, wsuPrefix + ":Id",
- config.getIdAllocator().createId("EH-",
elementToEncrypt)
- );
- //
- // Add the EncryptedHeader node to the element to be
encrypted's parent
- // (i.e. the SOAP header). Add the element to be encrypted
to the Encrypted
- // Header node as well
- //
- elementToEncrypt.getParentNode().appendChild(elem);
- elementToEncrypt =
-
(Element)elementToEncrypt.getParentNode().removeChild(elementToEncrypt);
- elementToEncrypt =
(Element)elem.appendChild(elementToEncrypt);
-
- NamedNodeMap map = elementToEncrypt.getAttributes();
- for (int i = 0 ; i < map.getLength() ; i++) {
- Attr attr = (Attr)map.item(i);
- if
(attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
- ||
attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
- String soapEnvPrefix =
- WSSecurityUtil.setNamespace(
- elem, attr.getNamespaceURI(),
WSConstants.DEFAULT_SOAP_PREFIX
- );
- elem.setAttributeNS(
- attr.getNamespaceURI(),
- soapEnvPrefix + ":" + attr.getLocalName(),
- attr.getValue()
- );
- }
- }
- }
-
- xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
- EncryptedData encData = xmlCipher.getEncryptedData();
- encData.setId(xencEncryptedDataId);
- encData.setKeyInfo(keyInfo);
- xmlCipher.doFinal(doc, elementToEncrypt, content);
+ for (Element elementToEncrypt : elementsToEncrypt) {
+ String id =
+ encryptElement(doc, elementToEncrypt, modifier, config,
xmlCipher,
+ secretKey, keyInfo);
+ encPart.setEncId(id);
+ encDataRef.add("#" + id);
+ }
- if (part != (references.size() - 1)) {
+ if (part != (references.size() - 1)) {
+ try {
keyInfo = new KeyInfo((Element)
keyInfo.getElement().cloneNode(true), null);
+ } catch (Exception ex) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, ex
+ );
}
- } catch (Exception ex) {
- throw new WSSecurityException(
- WSSecurityException.FAILED_ENCRYPTION, null, null, ex
- );
}
- encDataRef.add("#" + xencEncryptedDataId);
}
return encDataRef;
}
+ /**
+ * Encrypt an element.
+ */
+ private static String encryptElement(
+ Document doc,
+ Element elementToEncrypt,
+ String modifier,
+ WSSConfig config,
+ XMLCipher xmlCipher,
+ SecretKey secretKey,
+ KeyInfo keyInfo
+ ) throws WSSecurityException {
+
+ boolean content = modifier.equals("Content") ? true : false;
+ //
+ // Encrypt data, and set necessary attributes in xenc:EncryptedData
+ //
+ String xencEncryptedDataId =
+ config.getIdAllocator().createId("ED-", elementToEncrypt);
+ try {
+ if (modifier.equals("Header")) {
+ Element elem =
+ doc.createElementNS(
+ WSConstants.WSSE11_NS, "wsse11:" +
WSConstants.ENCRYPTED_HEADER
+ );
+ WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS,
WSConstants.WSSE11_PREFIX);
+ String wsuPrefix =
+ WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS,
WSConstants.WSU_PREFIX);
+ elem.setAttributeNS(
+ WSConstants.WSU_NS, wsuPrefix + ":Id",
+ config.getIdAllocator().createId("EH-", elementToEncrypt)
+ );
+ //
+ // Add the EncryptedHeader node to the element to be
encrypted's parent
+ // (i.e. the SOAP header). Add the element to be encrypted to
the Encrypted
+ // Header node as well
+ //
+ elementToEncrypt.getParentNode().appendChild(elem);
+ elementToEncrypt =
+
(Element)elementToEncrypt.getParentNode().removeChild(elementToEncrypt);
+ elementToEncrypt = (Element)elem.appendChild(elementToEncrypt);
+
+ NamedNodeMap map = elementToEncrypt.getAttributes();
+ for (int i = 0 ; i < map.getLength() ; i++) {
+ Attr attr = (Attr)map.item(i);
+ if
(attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
+ ||
attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
+ String soapEnvPrefix =
+ WSSecurityUtil.setNamespace(
+ elem, attr.getNamespaceURI(),
WSConstants.DEFAULT_SOAP_PREFIX
+ );
+ elem.setAttributeNS(
+ attr.getNamespaceURI(),
+ soapEnvPrefix + ":" + attr.getLocalName(),
+ attr.getValue()
+ );
+ }
+ }
+ }
+
+ xmlCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
+ EncryptedData encData = xmlCipher.getEncryptedData();
+ encData.setId(xencEncryptedDataId);
+ encData.setKeyInfo(keyInfo);
+ xmlCipher.doFinal(doc, elementToEncrypt, content);
+ return xencEncryptedDataId;
+ } catch (Exception ex) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_ENCRYPTION, null, null, ex
+ );
+ }
+ }
/**
* Create a KeyInfo object
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignatureBase.java
Fri Feb 18 16:24:36 2011
@@ -142,37 +142,41 @@ public class WSSecSignatureBase extends
referenceList.add(reference);
} else {
String nmSpace = encPart.getNamespace();
- Element elementToSign = element;
- if (elementToSign == null) {
- elementToSign = WSSecurityUtil.findElement(encPart,
doc, false);
- if (elementToSign == null) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "noEncElement",
- new Object[] {nmSpace + ", " + elemName}
- );
- }
- }
- wsDocInfo.addProtectionElement(elementToSign);
- TransformParameterSpec transformSpec = null;
- if (wssConfig.isWsiBSPCompliant()) {
- List<String> prefixes =
getInclusivePrefixes(elementToSign);
- transformSpec = new ExcC14NParameterSpec(prefixes);
+ List<Element> elementsToSign = null;
+ if (element != null) {
+ elementsToSign = Collections.singletonList(element);
+ } else {
+ elementsToSign = WSSecurityUtil.findElements(encPart,
doc);
}
- Transform transform =
- signatureFactory.newTransform(
- WSConstants.C14N_EXCL_OMIT_COMMENTS,
- transformSpec
- );
- javax.xml.crypto.dsig.Reference reference =
- signatureFactory.newReference(
- "#" + setWsuId(elementToSign),
- digestMethod,
- Collections.singletonList(transform),
- null,
- null
+ if (elementsToSign == null || elementsToSign.size() == 0) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noEncElement",
+ new Object[] {nmSpace + ", " + elemName}
);
- referenceList.add(reference);
+ }
+ for (Element elementToSign : elementsToSign) {
+ wsDocInfo.addProtectionElement(elementToSign);
+ TransformParameterSpec transformSpec = null;
+ if (wssConfig.isWsiBSPCompliant()) {
+ List<String> prefixes =
getInclusivePrefixes(elementToSign);
+ transformSpec = new ExcC14NParameterSpec(prefixes);
+ }
+ Transform transform =
+ signatureFactory.newTransform(
+ WSConstants.C14N_EXCL_OMIT_COMMENTS,
+ transformSpec
+ );
+ javax.xml.crypto.dsig.Reference reference =
+ signatureFactory.newReference(
+ "#" + setWsuId(elementToSign),
+ digestMethod,
+ Collections.singletonList(transform),
+ null,
+ null
+ );
+ referenceList.add(reference);
+ }
}
} catch (Exception ex) {
log.error("", ex);
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/DerivedKeyToken.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/DerivedKeyToken.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/DerivedKeyToken.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/DerivedKeyToken.java
Fri Feb 18 16:24:36 2011
@@ -249,10 +249,10 @@ public class DerivedKeyToken {
String propertyName = properties.get(key); //Get the property name
//Check whether this property is already there
//If so change the value
- Node node =
+ Element node =
WSSecurityUtil.findElement(elementProperties, propertyName,
ns);
- if (node != null && Node.ELEMENT_NODE == node.getNodeType()) {
//If the node is not null
- Text node1 = getFirstNode((Element) node);
+ if (node != null) { //If the node is not null
+ Text node1 = getFirstNode(node);
node1.setData(properties.get(propertyName));
} else {
addProperty(propertyName, properties.get(propertyName));
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityTokenReference.java
Fri Feb 18 16:24:36 2011
@@ -617,7 +617,7 @@ public class SecurityTokenReference {
}
if (WSConstants.X509_DATA_LN.equals(elem.getLocalName())) {
elem =
- (Element)WSSecurityUtil.findElement(
+ WSSecurityUtil.findElement(
elem, WSConstants.X509_ISSUER_SERIAL_LN, WSConstants.SIG_NS
);
}
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
Fri Feb 18 16:24:36 2011
@@ -49,6 +49,7 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.Iterator;
import java.util.List;
@@ -236,17 +237,17 @@ public class WSSecurityUtil {
* Find the DOM Element in the SOAP Envelope that is referenced by the
* WSEncryptionPart argument. The "Id" is used before the Element
localname/namespace.
*
- * @param part The WSEncryptionPart object corresponding to the DOM
Element we want
+ * @param part The WSEncryptionPart object corresponding to the DOM
Element(s) we want
* @param doc The owning document
* @param checkMultipleElements Whether to check for multiple elements or
not
* @return the DOM Element in the SOAP Envelope that is found
*/
- public static Element findElement(
- WSEncryptionPart part, Document doc, boolean checkMultipleElements
+ public static List<Element> findElements(
+ WSEncryptionPart part, Document doc
) {
// See if the DOM Element is stored in the WSEncryptionPart first
if (part.getElement() != null) {
- return part.getElement();
+ return Collections.singletonList(part.getElement());
}
// Next try to find the SOAP body
@@ -258,24 +259,26 @@ public class WSSecurityUtil {
if (id != null) {
String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS,
"Id");
if (cId.equals(id)) {
- return bodyElement;
+ return Collections.singletonList(bodyElement);
}
} else {
if (WSConstants.ELEM_BODY.equals(elemName) &&
bodyElement.getNamespaceURI().equals(nmSpace)) {
- return bodyElement;
+ return Collections.singletonList(bodyElement);
}
}
}
if (id != null) {
- return WSSecurityUtil.findElementById(doc.getDocumentElement(),
id, checkMultipleElements);
+ Element element =
+ WSSecurityUtil.findElementById(doc.getDocumentElement(), id,
false);
+ return Collections.singletonList(element);
} else {
return
- (Element) WSSecurityUtil.findElement(doc.getDocumentElement(),
elemName, nmSpace);
+ WSSecurityUtil.findElements(doc.getDocumentElement(),
elemName, nmSpace);
}
}
-
+
/**
* Returns the first element that matches <code>name</code> and
* <code>namespace</code>. <p/> This is a replacement for a XPath lookup
@@ -287,7 +290,7 @@ public class WSSecurityUtil {
* @param namespace Namespace URI of the element
* @return The found element or <code>null</code>
*/
- public static Node findElement(Node startNode, String name, String
namespace) {
+ public static Element findElement(Node startNode, String name, String
namespace) {
//
// Replace the formerly recursive implementation with a
depth-first-loop
// lookup
@@ -304,12 +307,12 @@ public class WSSecurityUtil {
&& startNode.getLocalName().equals(name)) {
String ns = startNode.getNamespaceURI();
if (ns != null && ns.equals(namespace)) {
- return startNode;
+ return (Element)startNode;
}
if ((namespace == null || namespace.length() == 0)
&& (ns == null || ns.length() == 0)) {
- return startNode;
+ return (Element)startNode;
}
}
processedNode = startNode;
@@ -334,6 +337,64 @@ public class WSSecurityUtil {
return null;
}
+ /**
+ * Returns all elements that match <code>name</code> and
<code>namespace</code>.
+ * <p/> This is a replacement for a XPath lookup
+ * <code>//name</code> with the given namespace. It's somewhat faster than
+ * XPath, and we do not deal with prefixes, just with the real namespace
URI
+ *
+ * @param startNode Where to start the search
+ * @param name Local name of the element
+ * @param namespace Namespace URI of the element
+ * @return The found elements (or an empty list)
+ */
+ public static List<Element> findElements(Node startNode, String name,
String namespace) {
+ //
+ // Replace the formerly recursive implementation with a
depth-first-loop
+ // lookup
+ //
+ if (startNode == null) {
+ return null;
+ }
+ Node startParent = startNode.getParentNode();
+ Node processedNode = null;
+
+ List<Element> foundNodes = new ArrayList<Element>();
+ while (startNode != null) {
+ // start node processing at this point
+ if (startNode.getNodeType() == Node.ELEMENT_NODE
+ && startNode.getLocalName().equals(name)) {
+ String ns = startNode.getNamespaceURI();
+ if (ns != null && ns.equals(namespace)) {
+ foundNodes.add((Element)startNode);
+ }
+
+ if ((namespace == null || namespace.length() == 0)
+ && (ns == null || ns.length() == 0)) {
+ foundNodes.add((Element)startNode);
+ }
+ }
+ processedNode = startNode;
+ startNode = startNode.getFirstChild();
+
+ // no child, this node is done.
+ if (startNode == null) {
+ // close node processing, get sibling
+ startNode = processedNode.getNextSibling();
+ }
+ // no more siblings, get parent, all children
+ // of parent are processed.
+ while (startNode == null) {
+ processedNode = processedNode.getParentNode();
+ if (processedNode == startParent) {
+ return foundNodes;
+ }
+ // close parent node processing (processed node now)
+ startNode = processedNode.getNextSibling();
+ }
+ }
+ return foundNodes;
+ }
/**
* Returns the single SAMLAssertion element that contains an
AssertionID/ID that
Modified:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
(original)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
Fri Feb 18 16:24:36 2011
@@ -57,6 +57,16 @@ public class EncryptionPartsTest extends
" <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";></ns1:testMethod>"
+
" </soapenv:Body>" +
"</soapenv:Envelope>";
+ private static final String SOAPMSG_MULTIPLE = "<?xml version=\"1.0\"
encoding=\"UTF-8\"?>" +
+ "<soapenv:Envelope xmlns:foo=\"urn:foo.bar\"
xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\";
xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\";
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\";>" +
+ " <soapenv:Header>" +
+ " <foo:foobar>baz</foo:foobar>" +
+ " </soapenv:Header>" +
+ " <soapenv:Body>" +
+ " <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";>asf1</ns1:testMethod>"
+
+ " <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";>asf2</ns1:testMethod>"
+
+ " </soapenv:Body>" +
+ "</soapenv:Envelope>";
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new KeystoreCallbackHandler();
@@ -244,7 +254,7 @@ public class EncryptionPartsTest extends
/**
- * Test signing a custom SOAP header and the SOAP body
+ * Test encrypting a custom SOAP header and the SOAP body
*/
@org.junit.Test
public void testSOAPHeaderAndBody() throws Exception {
@@ -363,6 +373,45 @@ public class EncryptionPartsTest extends
WSSecurityUtil.checkAllElementsProtected(results, WSConstants.ENCR,
new QName[]{bodyName});
}
+ /**
+ * Test encrypting two SOAP Body elements with the same QName.
+ */
+ @org.junit.Test
+ public void testMultipleElements() throws Exception {
+ Document doc = SOAPUtil.toSOAPPart(SOAPMSG_MULTIPLE);
+ WSSecEncrypt encrypt = new WSSecEncrypt();
+ encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e",
"security");
+ encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ "testMethod",
+ "http://axis/service/security/test6/LogTestService8";,
+ "");
+ parts.add(encP);
+ encrypt.setParts(parts);
+
+ Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
+
+ String outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(outputString);
+ }
+ assert !outputString.contains("testMethod");
+
+ verify(encryptedDoc);
+
+ outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc);
+ assert outputString.contains("asf1");
+ assert outputString.contains("asf2");
+ }
+
/**
* Verifies the soap envelope
Modified:
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java?rev=1072043&r1=1072042&r2=1072043&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
(original)
+++
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignaturePartsTest.java
Fri Feb 18 16:24:36 2011
@@ -68,6 +68,16 @@ public class SignaturePartsTest extends
" <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";></ns1:testMethod>"
+
" </soapenv:Body>" +
"</soapenv:Envelope>";
+ private static final String SOAPMSG_MULTIPLE = "<?xml version=\"1.0\"
encoding=\"UTF-8\"?>" +
+ "<soapenv:Envelope xmlns:foo=\"urn:foo.bar\"
xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\";
xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\";
xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\";>" +
+ " <soapenv:Header>" +
+ " <foo:foobar>baz</foo:foobar>" +
+ " </soapenv:Header>" +
+ " <soapenv:Body>" +
+ " <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";>asf1</ns1:testMethod>"
+
+ " <ns1:testMethod
xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\";>asf2</ns1:testMethod>"
+
+ " </soapenv:Body>" +
+ "</soapenv:Envelope>";
private WSSecurityEngine secEngine = new WSSecurityEngine();
private Crypto crypto = CryptoFactory.getInstance();
@@ -411,6 +421,39 @@ public class SignaturePartsTest extends
WSSecurityUtil.checkAllElementsProtected(results, WSConstants.SIGN,
new QName[]{bodyName});
}
+ /**
+ * Test signing two SOAP Body elements with the same QName.
+ */
+ @org.junit.Test
+ public void testMultipleElements() throws Exception {
+ Document doc = SOAPUtil.toSOAPPart(SOAPMSG_MULTIPLE);
+ WSSecSignature sign = new WSSecSignature();
+ sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+ sign.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ "testMethod",
+ "http://axis/service/security/test6/LogTestService8";,
+ "");
+ parts.add(encP);
+ sign.setParts(parts);
+
+ Document signedDoc = sign.build(doc, crypto, secHeader);
+
+ String outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(outputString);
+ }
+
+ verify(signedDoc);
+ }
+
/**
* Verifies the soap envelope
