Author: giger
Date: Fri Oct 28 08:51:32 2011
New Revision: 1190211
URL: http://svn.apache.org/viewvc?rev=1190211&view=rev
Log:
allow XInclude for config
Added:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java
(with props)
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/schemas/security-config.xsd
- copied, changed from r1181996,
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xsd
Removed:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xsd
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
webservices/wss4j/branches/swssf/streaming-xml-security/pom.xml
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/Init.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/JCEAlgorithmMapper.java
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xml
webservices/wss4j/branches/swssf/streaming-xml-security/src/test/java/org/swssf/xmlsec/test/UncategorizedTest.java
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/resources/wss/wss-config.xml
Fri Oct 28 08:51:32 2011
@@ -1,13 +1,10 @@
<?xml version="1.0"?>
<!-- This configuration file is used for configuration of the org.swssf -->
-<Configuration target="org.apache.xml.security"
xmlns="http://www.xmlsecurity.org/NS/configuration">
+<Configuration target="org.apache.xml.security"
xmlns="http://www.xmlsecurity.org/NS/configuration"
xmlns:xi="http://www.w3.org/2001/XInclude">
<Properties>
<Property NAME="securityTokenFactory"
VAL="org.swssf.wss.impl.securityToken.SecurityTokenFactoryImpl"/>
- <Property NAME="CACertKeyStorePassword" VAL="changeit"/>
- <!--<Property NAME="CertProvider" VAL="BC"/>-->
- <!--<Property NAME="DefaultX509Alias" VAL="sigEnc"/>-->
+ <xi:include href="security-config.xml"
xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:Properties/c:Property[@NAME!='securityTokenFactory'])"/>
</Properties>
- <!-- todo XInclude from security-config ?! -->
<SecurityHeaderHandlers>
<Handler NAME="BinarySecurityToken"
URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
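Review bot: The `href="security-config.xml"` on the added xi:include is not resolved relative to this file. XIncludeHandler.startElement, added in this commit, looks it up with `getClassLoader().getResource(href)`, so whichever security-config.xml comes first on the classpath supplies the inherited properties. The same holds for the three includes in the next hunk (TransformAlgorithms, JCEAlgorithmMappings, ResourceResolvers). I would record that next to the first include, e.g. `<!-- href is looked up on the classpath by XIncludeHandler, not relative to this file -->`, so deployers know that a shadowing copy changes the algorithm and resolver set.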
@@ -53,348 +50,16 @@
JAVACLASS="org.swssf.wss.impl.processor.input.DerivedKeyTokenInputHandler"/>
</SecurityHeaderHandlers>
<TransformAlgorithms>
- <!-- c14n omitting comments -->
- <TransformAlgorithm URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer20010315_OmitCommentsTransformer"
/>
- <!-- c14n with comments -->
- <TransformAlgorithm
URI="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer20010315_WithCommentsTransformer"
/>
- <!-- c14n 1.1 omitting comments -->
- <TransformAlgorithm URI="http://www.w3.org/2006/12/xml-c14n11"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer11_OmitCommentsTransformer"
/>
- <!-- c14n 1.1 with comments -->
- <TransformAlgorithm
URI="http://www.w3.org/2006/12/xml-c14n11#WithComments"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer11_WithCommentsTransformer"
/>
- <!-- exclusive c14n omitting comments -->
- <TransformAlgorithm URI="http://www.w3.org/2001/10/xml-exc-c14n#"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer20010315_ExclOmitCommentsTransformer"
/>
- <!-- exclusive c14n with comments -->
- <TransformAlgorithm
URI="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"
-
JAVACLASS="org.swssf.xmlsec.impl.transformer.canonicalizer.Canonicalizer20010315_ExclWithCommentsTransformer"
/>
-
<!-- STR-Transformer -->
<TransformAlgorithm
URI="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform"
JAVACLASS="org.swssf.wss.impl.transformer.STRTransformer" />
-
- <!-- Base64 -->
- <TransformAlgorithm URI="http://www.w3.org/2000/09/xmldsig#base64"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformBase64Decode"
/>
- <!-- XPath transform -->
- <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xpath-19991116"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath" />
- <!-- enveloped signature -->
- <TransformAlgorithm
URI="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature"
/>
- <!-- XSLT -->
- <TransformAlgorithm URI="http://www.w3.org/TR/1999/REC-xslt-19991116"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXSLT" />
- <!-- XPath version 2 -->
- <TransformAlgorithm URI="http://www.w3.org/2002/04/xmldsig-filter2"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter"
/>
- <!-- XPath version 2b -->
- <TransformAlgorithm URI="http://www.w3.org/2002/06/xmldsig-filter2"
-
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter"
/>
+ <xi:include href="security-config.xml"
xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:TransformAlgorithms/c:TransformAlgorithm[@URI!='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform'])"/>
</TransformAlgorithms>
<JCEAlgorithmMappings>
- <Algorithms>
- <!-- MessageDigest Algorithms -->
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5"
- Description="MD5 message digest from RFC 1321"
- AlgorithmClass="MessageDigest"
- RequirementLevel="NOT RECOMMENDED"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="128"
- JCEProvider="BC"
- JCEName="MD5"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#ripemd160"
- Description="RIPEMD-160 message digest"
- AlgorithmClass="MessageDigest"
- RequirementLevel="OPTIONAL"
- KeyLength="160"
- JCEProvider="BC"
- JCEName="RIPEMD160"/>
-
- <Algorithm URI="http://www.w3.org/2000/09/xmldsig#sha1"
- Description="SHA-1 message digest"
- AlgorithmClass="MessageDigest"
- RequirementLevel="REQUIRED"
- KeyLength="160"
- JCEProvider="BC"
- JCEName="SHA-1"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha256"
- Description="SHA-1 message digest with 256 bit"
- AlgorithmClass="MessageDigest"
- RequirementLevel="RECOMMENDED"
- KeyLength="256"
- JCEProvider="BC"
- JCEName="SHA-256"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#sha384"
- Description="SHA message digest with 384 bit"
- AlgorithmClass="MessageDigest"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="384"
- JCEProvider="BC"
- JCEName="SHA-384"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#sha512"
- Description="SHA-1 message digest with 512 bit"
- AlgorithmClass="MessageDigest"
- RequirementLevel="OPTIONAL"
- KeyLength="512"
- JCEProvider="BC"
- JCEName="SHA-512"/>
-
- <!-- Signature Algorithms -->
- <Algorithm URI="http://www.w3.org/2000/09/xmldsig#dsa-sha1"
- Description="Digital Signature Algorithm with SHA-1
message digest"
- AlgorithmClass="Signature"
- RequirementLevel="REQUIRED"
- KeyLength="160"
- RequiredKey="SHA1withDSA"
- JCEProvider="BC"
- JCEName="SHA1withDSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-md5"
- Description="RSA Signature with MD5 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="NOT RECOMMENDED"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="128"
- RequiredKey="MD5withRSA"
- JCEProvider="BC"
- JCEName="MD5withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160"
- Description="RSA Signature with RIPEMD-160 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="160"
- RequiredKey="RIPEMD160withRSA"
- JCEProvider="BC"
- JCEName="RIPEMD160withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
- Description="RSA Signature with SHA-1 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="RECOMMENDED"
- KeyLength="160"
- RequiredKey="SHA1withRSA"
- JCEProvider="BC"
- JCEName="SHA1withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
- Description="RSA Signature with SHA-256 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="256"
- RequiredKey="SHA256withRSA"
- JCEProvider="BC"
- JCEName="SHA256withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"
- Description="RSA Signature with SHA-384 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="384"
- RequiredKey="SHA384withRSA"
- JCEProvider="BC"
- JCEName="SHA384withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
- Description="RSA Signature with SHA-512 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="512"
- RequiredKey="SHA512withRSA"
- JCEProvider="BC"
- JCEName="SHA512withRSA"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"
- Description="ECDSA Signature with SHA-1 message digest"
- AlgorithmClass="Signature"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="160"
- RequiredKey="ECDSAwithSHA1"
- JCEProvider="BC"
- JCEName="ECDSAwithSHA1"/>
-
- <!-- MAC Algorithms -->
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-md5"
- Description="Message Authentication code using MD5"
- AlgorithmClass="Mac"
- RequirementLevel="NOT RECOMMENDED"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="128"
- RequiredKey="HmacMD5"
- JCEProvider="BC"
- JCEName="HmacMD5"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160"
- Description="Message Authentication code using RIPEMD-160"
- AlgorithmClass="Mac"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="160"
- RequiredKey="HMACRIPEMD160"
- JCEProvider="BC"
- JCEName="HMACRIPEMD160"/>
-
- <Algorithm URI="http://www.w3.org/2000/09/xmldsig#hmac-sha1"
- Description="Message Authentication code using SHA1"
- AlgorithmClass="Mac"
- RequirementLevel="REQUIRED"
- KeyLength="160"
- RequiredKey="HmacSHA1"
- JCEProvider="BC"
- JCEName="HmacSHA1"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"
- Description="Message Authentication code using SHA-256"
- AlgorithmClass="Mac"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="256"
- RequiredKey="HmacSHA256"
- JCEProvider="BC"
- JCEName="HmacSHA256"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha384"
- Description="Message Authentication code using SHA-384"
- AlgorithmClass="Mac"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="384"
- RequiredKey="HmacSHA384"
- JCEProvider="BC"
- JCEName="HmacSHA384"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#hmac-sha512"
- Description="Message Authentication code using SHA-512"
- AlgorithmClass="Mac"
- RequirementLevel="OPTIONAL"
-
SpecificationURL="http://www.ietf.org/internet-drafts/draft-eastlake-xmldsig-uri-02.txt"
- KeyLength="512"
- RequiredKey="HmacSHA512"
- JCEProvider="BC"
- JCEName="HmacSHA512"/>
-
- <!-- Block encryption Algorithms -->
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"
- Description="Block encryption using Triple-DES"
- AlgorithmClass="BlockEncryption"
- RequirementLevel="REQUIRED"
- KeyLength="192"
- RequiredKey="DESede"
- JCEProvider="BC"
- JCEName="DESede/CBC/ISO10126Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
- Description="Block encryption using AES with a key length
of 128 bit"
- AlgorithmClass="BlockEncryption"
- RequirementLevel="REQUIRED"
- KeyLength="128"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AES/CBC/ISO10126Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes192-cbc"
- Description="Block encryption using AES with a key length
of 192 bit"
- AlgorithmClass="BlockEncryption"
- RequirementLevel="OPTIONAL"
- KeyLength="192"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AES/CBC/ISO10126Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#aes256-cbc"
- Description="Block encryption using AES with a key length
of 256 bit"
- AlgorithmClass="BlockEncryption"
- RequirementLevel="REQUIRED"
- KeyLength="256"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AES/CBC/ISO10126Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
- Description="Key Transport RSA-v1.5"
- AlgorithmClass="KeyTransport"
- RequirementLevel="REQUIRED"
- RequiredKey="RSA"
- JCEProvider="BC"
- JCEName="RSA/ECB/PKCS1Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
- Description="Key Transport RSA-OAEP"
- AlgorithmClass="KeyTransport"
- RequirementLevel="REQUIRED"
- RequiredKey="RSA"
- JCEProvider="BC"
- JCEName="RSA/ECB/OAEPWithSHA1AndMGF1Padding"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#dh"
- Description="Key Agreement Diffie-Hellman"
- AlgorithmClass="KeyAgreement"
- RequirementLevel="OPTIONAL"
- RequiredKey="DH"
- JCEProvider="BC"
- JCEName="DH"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-tripledes"
- Description="Symmetric Key Wrap using Triple DES"
- AlgorithmClass="SymmetricKeyWrap"
- RequirementLevel="REQUIRED"
- KeyLength="192"
- RequiredKey="DESede"
- JCEProvider="BC"
- JCEName="DESedeWrap"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes128"
- Description="Symmetric Key Wrap using AES with a key
length of 128 bit"
- AlgorithmClass="SymmetricKeyWrap"
- RequirementLevel="REQUIRED"
- KeyLength="128"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AESWrap"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes192"
- Description="Symmetric Key Wrap using AES with a key
length of 192 bit"
- AlgorithmClass="SymmetricKeyWrap"
- RequirementLevel="OPTIONAL"
- KeyLength="192"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AESWrap"/>
-
- <Algorithm URI="http://www.w3.org/2001/04/xmlenc#kw-aes256"
- Description="Symmetric Key Wrap using AES with a key
length of 256 bit"
- AlgorithmClass="SymmetricKeyWrap"
- RequirementLevel="REQUIRED"
- KeyLength="256"
- RequiredKey="AES"
- JCEProvider="BC"
- JCEName="AESWrap"/>
-
- </Algorithms>
+ <xi:include href="security-config.xml"
xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:JCEAlgorithmMappings/c:Algorithm)"/>
</JCEAlgorithmMappings>
<ResourceResolvers>
- <Resolver
JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP"
- DESCRIPTION="A simple resolver for requests to HTTP space" />
- <Resolver
JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem"
- DESCRIPTION="A simple resolver for requests to the local file
system" />
- <Resolver
JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverFragment"
- DESCRIPTION="A simple resolver for requests of same-document
URIs" />
- <Resolver
JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverXPointer"
- DESCRIPTION="A simple resolver for requests of XPointer
fragents" />
+ <xi:include href="security-config.xml"
xpointer="xmlns(c=http://www.xmlsecurity.org/NS/configuration)xpointer(/c:Configuration/c:ResourceResolvers/c:Resolver)"/>
</ResourceResolvers>
</Configuration>
Modified: webservices/wss4j/branches/swssf/streaming-xml-security/pom.xml
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/pom.xml?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
--- webservices/wss4j/branches/swssf/streaming-xml-security/pom.xml (original)
+++ webservices/wss4j/branches/swssf/streaming-xml-security/pom.xml Fri Oct 28
08:51:32 2011
@@ -137,9 +137,12 @@
</execution>
</executions>
<configuration>
- <includeSchemas>
- <includeSchema>security-config.xsd</includeSchema>
- </includeSchemas>
+ <schemaDirectory>
+ ${basedir}/src/main/resources/schemas
+ </schemaDirectory>
+ <schemaIncludes>
+ <schemaInclude>security-config.xsd</schemaInclude>
+ </schemaIncludes>
<readOnly>true</readOnly>
</configuration>
</plugin>
Modified:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/Init.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/Init.java?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/Init.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/Init.java
Fri Oct 28 08:51:32 2011
@@ -26,6 +26,9 @@ import javax.xml.XMLConstants;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.UnmarshallerHandler;
+import javax.xml.parsers.SAXParser;
+import javax.xml.parsers.SAXParserFactory;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import java.net.URL;
@@ -39,23 +42,28 @@ import java.net.URL;
*/
public class Init {
- private static String initialized = null;
+ private static URL initialized = null;
@SuppressWarnings("unchecked")
public synchronized static void init(URL url) throws XMLSecurityException {
- if (initialized == null || (url != null &&
!url.toExternalForm().equals(initialized))) {
+ if (initialized == null || (url != null && !url.equals(initialized))) {
try {
JAXBContext jaxbContext =
JAXBContext.newInstance("org.xmlsecurity.ns.configuration");
final Unmarshaller unmarshaller =
jaxbContext.createUnmarshaller();
SchemaFactory schemaFactory =
SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
- Schema schema =
schemaFactory.newSchema(Init.class.getClassLoader().getResource("security-config.xsd"));
+ Schema schema =
schemaFactory.newSchema(Init.class.getClassLoader().getResource("schemas/security-config.xsd"));
unmarshaller.setSchema(schema);
- JAXBElement<ConfigurationType> configurationTypeJAXBElement;
- if (url != null) {
- configurationTypeJAXBElement =
(JAXBElement<ConfigurationType>) unmarshaller.unmarshal(url);
- } else {
- configurationTypeJAXBElement =
(JAXBElement<ConfigurationType>)
unmarshaller.unmarshal(Init.class.getClassLoader().getResourceAsStream("security-config.xml"));
+ final UnmarshallerHandler unmarshallerHandler =
unmarshaller.getUnmarshallerHandler();
+
+ SAXParserFactory saxParserFactory =
SAXParserFactory.newInstance();
+ saxParserFactory.setXIncludeAware(false);
+ saxParserFactory.setNamespaceAware(true);
+ SAXParser saxParser = saxParserFactory.newSAXParser();
+ if (url == null) {
+ url =
Init.class.getClassLoader().getResource("security-config.xml");
}
+ saxParser.parse(url.toExternalForm(), new
XIncludeHandler(unmarshallerHandler));
+ JAXBElement<ConfigurationType> configurationTypeJAXBElement =
(JAXBElement<ConfigurationType>) unmarshallerHandler.getResult();
ConfigurationProperties.init(configurationTypeJAXBElement.getValue().getProperties());
SecurityHeaderHandlerMapper.init(configurationTypeJAXBElement.getValue().getSecurityHeaderHandlers());
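Review bot: The SAXParserFactory created in init() is left on its default features, so a configuration loaded from a caller-supplied URL may carry a DOCTYPE and have its external entities resolved. Before `newSAXParser()` I would add `saxParserFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);` and `saxParserFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);` (the second is a Xerces feature, supported by the JDK's built-in parser; XMLConstants is already imported). The nested reader that XIncludeHandler.startElement obtains from `XMLReaderFactory.createXMLReader()` has the same gap. The try block continues past the end of this hunk.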
@@ -65,7 +73,7 @@ public class Init {
} catch (Exception e) {
throw new
XMLSecurityConfigurationException(XMLSecurityException.ErrorCode.FAILURE, null,
e);
}
- initialized = "security-config.xml";
+ initialized = url;
}
}
}
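Review bot: Keeping `initialized` as a `java.net.URL` means the guard at the top of init() (changed in the previous hunk) now calls `URL.equals`, which resolves host names and treats two hosts with the same IP address as equal. For an http configuration URL that is a blocking lookup inside a synchronized method, and an imprecise identity check. Comparing external forms as before avoids both: keep the field a `String`, assign `initialized = url.toExternalForm();` here, and leave the guard as `!url.toExternalForm().equals(initialized)`.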
Modified:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/JCEAlgorithmMapper.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/JCEAlgorithmMapper.java?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/JCEAlgorithmMapper.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/JCEAlgorithmMapper.java
Fri Oct 28 08:51:32 2011
@@ -42,7 +42,7 @@ public class JCEAlgorithmMapper {
}
protected synchronized static void init(JCEAlgorithmMappingsType
jceAlgorithmMappingsType) throws Exception {
- List<AlgorithmType> algorithms =
jceAlgorithmMappingsType.getAlgorithms().getAlgorithm();
+ List<AlgorithmType> algorithms =
jceAlgorithmMappingsType.getAlgorithm();
uriToJCEName = new HashMap<String, String>(algorithms.size());
algorithmsMap = new HashMap<String, AlgorithmType>(algorithms.size());
Added:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java?rev=1190211&view=auto
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java
(added)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java
Fri Oct 28 08:51:32 2011
@@ -0,0 +1,286 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.swssf.xmlsec.config;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.xml.sax.*;
+import org.xml.sax.helpers.DefaultHandler;
+import org.xml.sax.helpers.XMLReaderFactory;
+
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMResult;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.sax.SAXResult;
+import javax.xml.transform.sax.SAXTransformerFactory;
+import javax.xml.transform.sax.TransformerHandler;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathExpressionException;
+import javax.xml.xpath.XPathFactory;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+/**
+ * Absolutely primive XInclude#xpointer scheme handling
+ *
+ * @author $Author$
+ * @version $Revision$ $Date$
+ */
+public class XIncludeHandler extends DefaultHandler {
+
+ private static final transient Log logger =
LogFactory.getLog(XIncludeHandler.class);
+
+ private static final String xIncludeNS = "http://www.w3.org/2001/XInclude";
+ private static final String xIncludeLN = "include";
+ private ContentHandler contentHandler;
+ private URL systemId = null;
+ private boolean skipEvents = false;
+
+ Map<URL, Document> uriDocMap = new HashMap<URL, Document>();
+
+ public XIncludeHandler(ContentHandler contentHandler) {
+ this.contentHandler = contentHandler;
+ }
+
+ private XIncludeHandler(ContentHandler contentHandler, Map<URL, Document>
uriDocMap) {
+ this.contentHandler = contentHandler;
+ this.uriDocMap = uriDocMap;
+ }
+
+
+ public void setDocumentLocator(Locator locator) {
+ //this.systemId could already be set when we do a IdentityTransform
(@see below)
+ if (locator.getSystemId() == null && this.systemId == null) {
+ throw new UnsupportedOperationException("Please specify a correct
systemId to the sax.parse() method!");
+ }
+ try {
+ if (locator.getSystemId() != null) {
+ this.systemId = new URL(locator.getSystemId());
+ }
+ } catch (MalformedURLException e) {
+ throw new IllegalArgumentException(e);
+ }
+ this.contentHandler.setDocumentLocator(locator);
+ }
+
+ public void startDocument() throws SAXException {
+ if (!skipEvents) {
+ this.contentHandler.startDocument();
+ }
+ }
+
+ public void endDocument() throws SAXException {
+ if (!skipEvents) {
+ this.contentHandler.endDocument();
+ }
+ }
+
+ public void startPrefixMapping(String prefix, String uri) throws
SAXException {
+ if (!skipEvents) {
+ this.contentHandler.startPrefixMapping(prefix, uri);
+ }
+ }
+
+ public void endPrefixMapping(String prefix) throws SAXException {
+ if (!skipEvents) {
+ this.contentHandler.endPrefixMapping(prefix);
+ }
+ }
+
+ public void startElement(String uri, String localName, String qName,
Attributes atts) throws SAXException {
+ if (xIncludeNS.equals(uri) && xIncludeLN.equals(localName)) {
+ String href = atts.getValue("href");
+ if (href == null) {
+ throw new SAXException("XInclude href attribute is missing");
+ }
+ String parse = atts.getValue("parse");
+ if (parse != null && !"xml".equals(parse)) {
+ throw new UnsupportedOperationException("Only parse=\"xml\" is
currently supported");
+ }
+ String xpointer = atts.getValue("xpointer");
+
+ URL url = this.getClass().getClassLoader().getResource(href);
+ //todo implement fallback with parent systemId when xml is not in
the classpath
+ if (url == null) {
+ throw new SAXException("XML file not found: " + href);
+ }
+ Document document = uriDocMap.get(url);
+ if (document == null) {
+ DOMResult domResult = new DOMResult();
+ try {
+ XMLReader xmlReader = XMLReaderFactory.createXMLReader();
+ SAXTransformerFactory saxTransformerFactory =
(SAXTransformerFactory) SAXTransformerFactory.newInstance();
+ TransformerHandler transformerHandler =
saxTransformerFactory.newTransformerHandler();
+ transformerHandler.setResult(domResult);
+ xmlReader.setContentHandler(new
XIncludeHandler(transformerHandler, uriDocMap));
+ xmlReader.parse(url.toExternalForm());
+ } catch (TransformerConfigurationException e) {
+ throw new SAXException(e);
+ } catch (IOException e) {
+ throw new SAXException(e);
+ }
+
+ document = (Document) domResult.getNode();
+ document.setDocumentURI(url.toExternalForm());
+ uriDocMap.put(url, document);
+ }
+
+ SAXResult saxResult = new SAXResult(this);
+ skipEvents = true;
+ TransformerFactory transformerFactory =
TransformerFactory.newInstance();
+ Transformer transformer = null;
+ try {
+ transformer = transformerFactory.newTransformer();
+ if (xpointer == null) {
+ transformer.transform(new DOMSource(document,
document.getDocumentURI()), saxResult);
+ } else {
+ NodeList nodeList = evaluateXPointer(xpointer, document);
+ for (int i = 0; i < nodeList.getLength(); i++) {
+ Node node = nodeList.item(i);
+ transformer.transform(new DOMSource(node,
document.getDocumentURI()), saxResult);
+ }
+ }
+ } catch (TransformerConfigurationException e) {
+ throw new SAXException(e);
+ } catch (TransformerException e) {
+ throw new SAXException(e);
+ } finally {
+ skipEvents = false;
+ }
+
+ } else {
+ this.contentHandler.startElement(uri, localName, qName, atts);
+ }
+ }
+
+ public void endElement(String uri, String localName, String qName) throws
SAXException {
+ if (!(xIncludeNS.equals(uri) && xIncludeLN.equals(localName))) {
+ this.contentHandler.endElement(uri, localName, qName);
+ }
+ }
+
+ public void characters(char[] ch, int start, int length) throws
SAXException {
+ this.contentHandler.characters(ch, start, length);
+ }
+
+ public void ignorableWhitespace(char[] ch, int start, int length) throws
SAXException {
+ this.contentHandler.ignorableWhitespace(ch, start, length);
+ }
+
+ public void processingInstruction(String target, String data) throws
SAXException {
+ this.contentHandler.processingInstruction(target, data);
+ }
+
+ public void skippedEntity(String name) throws SAXException {
+ this.contentHandler.skippedEntity(name);
+ }
+
+ @Override
+ public void warning(SAXParseException e) throws SAXException {
+ logger.warn(e.getMessage(), e);
+ }
+
+ @Override
+ public void error(SAXParseException e) throws SAXException {
+ logger.error(e.getMessage(), e);
+ }
+
+ @Override
+ public void fatalError(SAXParseException e) throws SAXException {
+ logger.fatal(e.getMessage(), e);
+ }
+
+ private NodeList evaluateXPointer(String xpointer, Node node) throws
SAXException {
+ final String xPointerSchemeString = "xpointer(";
+ final String xmlnsSchemeString = "xmlns(";
+ int xPointerSchemeIndex = xpointer.indexOf(xPointerSchemeString);
+ if (xPointerSchemeIndex < 0) {
+ throw new SAXException("Only xpointer scheme is supported ATM");
+ }
+ xPointerSchemeIndex += xPointerSchemeString.length();
+ int xPointerSchemeEndIndex = this.findBalancedEndIndex(xpointer,
xPointerSchemeIndex, '(', ')');
+ XPathFactory xPathFactory = XPathFactory.newInstance();
+ XPath xPath = xPathFactory.newXPath();
+
+ int xmlnsSchemeIndex = xpointer.indexOf(xmlnsSchemeString);
+ if (xmlnsSchemeIndex >= 0) {
+ xmlnsSchemeIndex += xmlnsSchemeString.length();
+ int xmlnsSchemeEndIndex = this.findBalancedEndIndex(xpointer,
xmlnsSchemeIndex, '(', ')');
+ String namespaceScheme = xpointer.substring(xmlnsSchemeIndex,
xmlnsSchemeEndIndex);
+ final String[] namespaceSplit = namespaceScheme.split("=");
+ xPath.setNamespaceContext(new NamespaceContext() {
+ @Override
+ public String getNamespaceURI(String prefix) {
+ if (prefix.equals(namespaceSplit[0])) {
+ return namespaceSplit[1];
+ }
+ return null;
+ }
+
+ @Override
+ public String getPrefix(String namespaceURI) {
+ if (namespaceURI.equals(namespaceSplit[1])) {
+ return namespaceSplit[0];
+ }
+ return null;
+ }
+
+ @Override
+ public Iterator getPrefixes(String namespaceURI) {
+ return null;
+ }
+ });
+ }
+ try {
+ return (NodeList)
xPath.evaluate(xpointer.substring(xPointerSchemeIndex, xPointerSchemeEndIndex),
node, XPathConstants.NODESET);
+ } catch (XPathExpressionException e) {
+ throw new SAXException(e);
+ }
+ }
+
+ private int findBalancedEndIndex(String string, int startIndex, char
opening, char ending) {
+ int endIndex = -1;
+ int openPar = 1;
+ for (int i = startIndex; i < string.length(); i++) {
+ char curChar = string.charAt(i);
+ if (curChar == opening) {
+ openPar++;
+ } else if (curChar == ending) {
+ openPar--;
+ }
+ if (openPar == 0) {
+ endIndex = i;
+ break;
+ }
+ }
+ return endIndex;
+ }
+}
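Review bot: An include cycle is never detected in startElement: the parsed Document is put into `uriDocMap` only after the nested `xmlReader.parse()` returns, so a resource that includes itself, directly or through another file, recurses until the stack overflows. Because the map is already shared with the nested handlers through the private constructor, a null entry can mark a resource whose parse is still in progress, and re-entry can then fail with a SAXException. Separately, `findBalancedEndIndex` returns -1 for an unbalanced xpointer and `evaluateXPointer` passes that straight to `substring`, so a malformed attribute surfaces as a StringIndexOutOfBoundsException rather than a SAXException.

```java
Document document = uriDocMap.get(url);
if (document == null) {
    if (uriDocMap.containsKey(url)) {
        // a null entry marks a resource whose parse is still in progress
        throw new SAXException("Circular XInclude of " + href);
    }
    uriDocMap.put(url, null);
    // … unchanged: nested XMLReader parse into domResult, then uriDocMap.put(url, document) …
```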
Propchange:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/java/org/swssf/xmlsec/config/XIncludeHandler.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Copied:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/schemas/security-config.xsd
(from r1181996,
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xsd)
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/schemas/security-config.xsd?p2=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/schemas/security-config.xsd&p1=webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xsd&r1=1181996&r2=1190211&rev=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xsd
(original)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/schemas/security-config.xsd
Fri Oct 28 08:51:32 2011
@@ -5,19 +5,6 @@
<xs:documentation>This configuration file is used for configuration of
the org.apache.xml.security package</xs:documentation>
</xs:annotation>
</xs:element>
- <xs:complexType name="JCEAlgorithmMappingsType">
- <xs:sequence>
- <xs:element type="con:AlgorithmsType" name="Algorithms"
xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
- </xs:sequence>
- </xs:complexType>
- <xs:complexType name="TransformAlgorithmType">
- <xs:simpleContent>
- <xs:extension base="xs:string">
- <xs:attribute type="xs:string" name="URI" use="required"/>
- <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
- </xs:extension>
- </xs:simpleContent>
- </xs:complexType>
<xs:complexType name="AlgorithmType">
<xs:simpleContent>
<xs:extension base="xs:string">
@@ -33,27 +20,27 @@
</xs:extension>
</xs:simpleContent>
</xs:complexType>
- <xs:complexType name="ResolverType">
+ <xs:complexType name="TransformAlgorithmType">
<xs:simpleContent>
<xs:extension base="xs:string">
+ <xs:attribute type="xs:string" name="URI" use="required"/>
<xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
- <xs:attribute type="xs:string" name="DESCRIPTION" use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
- <xs:complexType name="PropertyType">
+ <xs:complexType name="ResolverType">
<xs:simpleContent>
<xs:extension base="xs:string">
- <xs:attribute type="xs:string" name="NAME"/>
- <xs:attribute type="xs:string" name="VAL"/>
+ <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ <xs:attribute type="xs:string" name="DESCRIPTION" use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
- <xs:complexType name="SignatureAlgorithmType">
+ <xs:complexType name="PropertyType">
<xs:simpleContent>
<xs:extension base="xs:string">
- <xs:attribute type="xs:anyURI" name="URI" use="required"/>
- <xs:attribute type="xs:string" name="JAVACLASS" use="required"/>
+ <xs:attribute type="xs:string" name="NAME"/>
+ <xs:attribute type="xs:string" name="VAL"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
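Review bot: The `URI` attribute added on `TransformAlgorithmType` is typed `xs:string`, while the `SignatureAlgorithmType` definition that this hunk drops declared the same attribute as `xs:anyURI`. Algorithm identifiers in this configuration are URIs, so `<xs:attribute type="xs:anyURI" name="URI" use="required"/>` would keep the stricter declaration and record the intent in the schema that validates the config. Whether `SignatureAlgorithmType` is still referenced elsewhere in the schema is not visible here and should be confirmed before it is removed.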
@@ -104,7 +91,7 @@
<xs:element type="con:PropertyType" name="Property"
maxOccurs="unbounded" minOccurs="0"
xmlns:con="http://www.xmlsecurity.org/NS/configuration"/>
</xs:sequence>
</xs:complexType>
- <xs:complexType name="AlgorithmsType">
+ <xs:complexType name="JCEAlgorithmMappingsType">
<xs:sequence>
<xs:element type="con:AlgorithmType" name="Algorithm"
maxOccurs="unbounded" minOccurs="0"
xmlns:con="http://www.xmlsecurity.org/NS/configuration">
<xs:annotation>
Modified:
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xml
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xml?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xml
(original)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/main/resources/security-config.xml
Fri Oct 28 08:51:32 2011
@@ -50,7 +50,6 @@
JAVACLASS="org.apache.xml.security.transforms.implementations.TransformXPath2Filter"
/>
</TransformAlgorithms>
<JCEAlgorithmMappings>
- <Algorithms>
<!-- MessageDigest Algorithms -->
<Algorithm URI="http://www.w3.org/2001/04/xmldsig-more#md5"
Description="MD5 message digest from RFC 1321"
@@ -337,8 +336,6 @@
RequiredKey="AES"
JCEProvider="BC"
JCEName="AESWrap"/>
-
- </Algorithms>
</JCEAlgorithmMappings>
<ResourceResolvers>
<Resolver
JAVACLASS="org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP"
Modified:
webservices/wss4j/branches/swssf/streaming-xml-security/src/test/java/org/swssf/xmlsec/test/UncategorizedTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-xml-security/src/test/java/org/swssf/xmlsec/test/UncategorizedTest.java?rev=1190211&r1=1190210&r2=1190211&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-xml-security/src/test/java/org/swssf/xmlsec/test/UncategorizedTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-xml-security/src/test/java/org/swssf/xmlsec/test/UncategorizedTest.java
Fri Oct 28 08:51:32 2011
@@ -39,74 +39,7 @@ public class UncategorizedTest {
Assert.fail();
} catch (XMLSecurityException e) {
Assert.assertEquals(e.getMessage(), "General security error;
nested exception is: \n" +
- "\tjavax.xml.bind.UnmarshalException\n" +
- " - with linked exception:\n" +
- "[org.xml.sax.SAXParseException: cvc-elt.1: Cannot find
the declaration of element 'doc'.]");
+ "\torg.xml.sax.SAXParseException: cvc-elt.1: Cannot find
the declaration of element 'doc'.");
}
}
-
- /*@Test(invocationCount = 1)
- public void testRandomInput() throws Exception {
-
- String[] schemas = new String[4];
- schemas[0] = "src/main/resources/schemas/xenc-schema.xsd";
- schemas[1] = "src/main/resources/schemas/xmldsig-core-schema.xsd";
- schemas[2] =
"src/main/resources/schemas/oasis-200401-wss-wssecurity-utility-1.0.xsd";
- schemas[3] =
"src/main/resources/schemas/oasis-200401-wss-wssecurity-secext-1.0.xsd";
-
- XMLGen xmlGen = new XMLGen(schemas);
-
- javax.xml.transform.Transformer transformer =
TransformerFactory.newInstance().newTransformer();
- transformer.setOutputProperty(OutputKeys.INDENT, "yes");
-
transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "4");
-
- org.w3c.dom.Document w3cDoc = null;
-
- Result streamResult = new StreamResult(new FileOutputStream("xml.xml",
true));
-
- XMLSecurityProperties securityProperties = new XMLSecurityProperties();
-
securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
-
securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
- securityProperties.setCallbackHandler(new CallbackHandlerImpl());
-
- while (true) {
- try {
- Document doc =
xmlGen.getRandom("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"Security");
-
- w3cDoc =
DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
-
- transformer.transform(new DocumentSource(doc), new
DOMResult(w3cDoc));
-
- Element envelope =
w3cDoc.createElementNS(XMLSecurityConstants.NS_SOAP11,
XMLSecurityConstants.TAG_soap_Envelope_LocalName);
- Element header =
w3cDoc.createElementNS(XMLSecurityConstants.NS_SOAP11,
XMLSecurityConstants.TAG_soap_Header_LocalName);
- Element body =
w3cDoc.createElementNS(XMLSecurityConstants.NS_SOAP11,
XMLSecurityConstants.TAG_soap_Body_LocalName);
- body.setAttributeNS(XMLSecurityConstants.NS_WSU10,
XMLSecurityConstants.ATT_wsu_Id.getLocalPart(), "1");
-
- header.appendChild(w3cDoc.getDocumentElement());
- w3cDoc.appendChild(envelope);
- envelope.appendChild(header);
- envelope.appendChild(body);
-
- //transformer.transform(new DOMSource(w3cDoc), streamResult);
-
- org.w3c.dom.Document document =
doInboundSecurity(securityProperties, new CustomW3CDOMStreamReader(w3cDoc));
- } catch (Exception e) {
-
- System.out.println(e);
- if (e instanceof RuntimeException) {
- transformer.transform(new DOMSource(w3cDoc), new
StreamResult(System.out));
- throw e;
- }
- int i = 0;
- Throwable cause = e;
- while (cause != null && i < 10) {
- if (cause instanceof NullPointerException) {
- throw e;
- }
- i++;
- cause = cause.getCause();
- }
- }
- }
- }*/
}
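Review bot: The updated assertion compares the whole exception message, including the parser's `cvc-elt.1` text, so the test depends on the exact wording and locale of the JAXP implementation's validation message. The behaviour it is meant to pin is schema validation rejecting an unknown root element. Asserting on the stable part, e.g. `Assert.assertTrue(e.getMessage().contains("cvc-elt.1"));`, would be less brittle; checking the cause type is another option if `XMLSecurityException` preserves it, which is not visible here. The enclosing test method starts outside this hunk.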