Author: giger
Date: Thu Nov 3 12:17:40 2011
New Revision: 1197077
URL: http://svn.apache.org/viewvc?rev=1197077&view=rev
Log:
cleanups and correction of KEYIDENTIFIER handling
Modified:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/TokenAssertionState.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/WSSec.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSConstants.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureEndingOutputProcessor.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/EncDecryptionTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/SignatureTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenReferenceTest.java
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenSVTest.java
Modified:
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/TokenAssertionState.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/TokenAssertionState.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/TokenAssertionState.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-policy/src/main/java/org/swssf/policy/assertionStates/TokenAssertionState.java
Thu Nov 3 12:17:40 2011
@@ -247,7 +247,7 @@ public class TokenAssertionState extends
} else if (x509Token.isRequireIssuerSerialReference() &&
delegatingSecurityToken.getKeyIdentifierType() !=
WSSConstants.KeyIdentifierType.ISSUER_SERIAL) {
setAsserted(false);
setErrorMessage("Policy enforces IssuerSerialReference but we
got " + delegatingSecurityToken.getTokenType());
- } else if (x509Token.isRequireEmbeddedTokenReference() &&
delegatingSecurityToken.getKeyIdentifierType() !=
WSSConstants.KeyIdentifierType.BST_EMBEDDED) {
+ } else if (x509Token.isRequireEmbeddedTokenReference() &&
delegatingSecurityToken.getKeyIdentifierType() !=
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
setAsserted(false);
setErrorMessage("Policy enforces EmbeddedTokenReference but we
got " + delegatingSecurityToken.getTokenType());
} else if (x509Token.isRequireThumbprintReference() &&
delegatingSecurityToken.getKeyIdentifierType() !=
WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER) {
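Review bot: The `isRequireEmbeddedTokenReference()` branch now passes whenever the key identifier type is `SECURITY_TOKEN_DIRECT_REFERENCE`, so a policy that demands an embedded token reference is reported as satisfied by a plain direct reference. With `BST_EMBEDDED` removed from the enum in this commit, no value is left to tell the two apart, and the assertion fails open. If embedded references are no longer recognised on the inbound side, failing whenever the policy flag is set (`} else if (x509Token.isRequireEmbeddedTokenReference()) {`) would keep enforcement strict. The error message on the following lines also reports `getTokenType()` although the comparison is on `getKeyIdentifierType()`, which makes a rejection hard to diagnose. The if/else chain starts and ends outside the hunk.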
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/WSSec.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/WSSec.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/WSSec.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/WSSec.java
Thu Nov 3 12:17:40 2011
@@ -240,7 +240,7 @@ public class WSSec {
if (securityProperties.getSignatureCanonicalizationAlgorithm()
== null) {
securityProperties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
}
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
if (securityProperties.getEncryptionSymAlgorithm() == null) {
securityProperties.setEncryptionSymAlgorithm("http://www.w3.org/2001/04/xmlenc#aes256-cbc");
}
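Review bot: `setSignatureKeyIdentifierType(...)` in this hunk is called unconditionally, so a key identifier type configured by the caller is silently replaced, whereas the hunk at -319 sets the default only when `getSignatureKeyIdentifierType() == null`. The same applies to `setDerivedKeyKeyIdentifierType(...)` in the hunks at -260 and -299, which overwrite the value whenever the derived-key reference is not `DirectReference`. If the override is deliberate, a comment such as `// intentionally overrides any configured key identifier type` would record that; otherwise guard the call with the same null check. The enclosing branch starts outside the hunk, so the action it belongs to is not visible here.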
@@ -260,7 +260,7 @@ public class WSSec {
securityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.DirectReference);
}
if (securityProperties.getDerivedKeyTokenReference() !=
WSSConstants.DerivedKeyTokenReference.DirectReference) {
-
securityProperties.setDerivedKeyKeyIdentifierType(WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF);
+
securityProperties.setDerivedKeyKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
}
} else if (action.equals(WSSConstants.ENCRYPT_WITH_DERIVED_KEY)) {
if (securityProperties.getCallbackHandler() == null) {
@@ -299,7 +299,7 @@ public class WSSec {
securityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.EncryptedKey);
}
if (securityProperties.getDerivedKeyTokenReference() !=
WSSConstants.DerivedKeyTokenReference.DirectReference) {
-
securityProperties.setDerivedKeyKeyIdentifierType(WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF);
+
securityProperties.setDerivedKeyKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
}
} else if (action.equals(WSSConstants.SAML_TOKEN_SIGNED)) {
if (securityProperties.getCallbackHandler() == null) {
@@ -319,7 +319,7 @@ public class WSSec {
securityProperties.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
}
if (securityProperties.getSignatureKeyIdentifierType() ==
null) {
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
}
} else if (action.equals(WSSConstants.SAML_TOKEN_UNSIGNED)) {
if (securityProperties.getCallbackHandler() == null) {
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSConstants.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSConstants.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSConstants.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSConstants.java
Thu Nov 3 12:17:40 2011
@@ -253,15 +253,12 @@ public class WSSConstants extends XMLSec
}
public enum KeyIdentifierType {
- DEFAULT_TOKEN,
ISSUER_SERIAL,
- BST_DIRECT_REFERENCE,
- BST_EMBEDDED,
+ SECURITY_TOKEN_DIRECT_REFERENCE,
X509_KEY_IDENTIFIER,
SKI_KEY_IDENTIFIER,
THUMBPRINT_IDENTIFIER,
- EMBEDDED_SECURITY_TOKEN_REF,
- EMEDDED_KEYIDENTIFIER_REF,
+ EMBEDDED_KEYIDENTIFIER_REF,
USERNAMETOKEN_REFERENCE,
}
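Review bot: `SECURITY_TOKEN_DIRECT_REFERENCE` has no comment, although elsewhere in this commit it replaces `BST_DIRECT_REFERENCE`, `BST_EMBEDDED` and `EMBEDDED_SECURITY_TOKEN_REF`, which callers treated differently. A Javadoc line on the constant, for example `/** wsse:Reference with a URI pointing at a token carried in the message. */`, would state what it now covers. Because the enum is public, code outside this commit that names the removed constants or resolves them by name will stop compiling or fail at runtime; that is worth a line in the release notes.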
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/ext/WSSUtils.java
Thu Nov 3 12:17:40 2011
@@ -204,7 +204,11 @@ public class WSSUtils extends XMLSecurit
outputProcessorChain.reset();
}
- public static void
createBinarySecurityTokenStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain, String
referenceId, X509Certificate[] x509Certificates, boolean useSingleCertificate)
throws XMLStreamException, XMLSecurityException {
+ public static void
createBinarySecurityTokenStructure(AbstractOutputProcessor
abstractOutputProcessor,
+ OutputProcessorChain
outputProcessorChain,
+ String referenceId,
X509Certificate[] x509Certificates,
+ boolean
useSingleCertificate)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
String valueType;
if (useSingleCertificate) {
@@ -236,7 +240,10 @@ public class WSSUtils extends XMLSecurit
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_BinarySecurityToken);
}
- public static void
createX509SubjectKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain,
X509Certificate[] x509Certificates) throws XMLSecurityException,
XMLStreamException {
+ public static void
createX509SubjectKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor,
+
OutputProcessorChain outputProcessorChain,
+
X509Certificate[] x509Certificates)
+ throws XMLSecurityException, XMLStreamException {
// As per the 1.1 specification, SKI can only be used for a V3
certificate
if (x509Certificates[0].getVersion() != 3) {
throw new
XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_SIGNATURE,
"invalidCertForSKI");
@@ -251,7 +258,10 @@ public class WSSUtils extends XMLSecurit
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_KeyIdentifier);
}
- public static void
createX509KeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain,
X509Certificate[] x509Certificates) throws XMLStreamException,
XMLSecurityException {
+ public static void
createX509KeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor,
+ OutputProcessorChain
outputProcessorChain,
+ X509Certificate[]
x509Certificates)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_NULL_EncodingType,
WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING);
attributes.put(WSSConstants.ATT_NULL_ValueType,
WSSConstants.NS_X509_V3_TYPE);
@@ -264,7 +274,10 @@ public class WSSUtils extends XMLSecurit
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_KeyIdentifier);
}
- public static void
createThumbprintKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain,
X509Certificate[] x509Certificates) throws XMLStreamException,
XMLSecurityException {
+ public static void
createThumbprintKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor,
+
OutputProcessorChain outputProcessorChain,
+
X509Certificate[] x509Certificates)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_NULL_EncodingType,
WSSConstants.SOAPMESSAGE_NS10_BASE64_ENCODING);
attributes.put(WSSConstants.ATT_NULL_ValueType,
WSSConstants.NS_THUMBPRINT);
@@ -285,32 +298,23 @@ public class WSSUtils extends XMLSecurit
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_KeyIdentifier);
}
- public static void createBSTReferenceStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain, String
referenceId, X509Certificate[] x509Certificates, boolean useSingleCertificate,
boolean embed) throws XMLStreamException, XMLSecurityException {
+ public static void createBSTReferenceStructure(AbstractOutputProcessor
abstractOutputProcessor,
+ OutputProcessorChain
outputProcessorChain, String referenceId,
+ String valueType)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
- String valueType;
- if (useSingleCertificate) {
- valueType = WSSConstants.NS_X509_V3_TYPE;
- } else {
- valueType = WSSConstants.NS_X509PKIPathv1;
- }
attributes.put(WSSConstants.ATT_NULL_URI, "#" + referenceId);
- attributes.put(WSSConstants.ATT_NULL_ValueType, valueType);
-
abstractOutputProcessor.createStartElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_Reference, attributes);
- if (embed) {
-
WSSUtils.createBinarySecurityTokenStructure(abstractOutputProcessor,
outputProcessorChain, referenceId, x509Certificates, useSingleCertificate);
+ if (valueType != null) {
+ attributes.put(WSSConstants.ATT_NULL_ValueType, valueType);
}
-
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_Reference);
- }
-
- //todo I think this is not spec conform and can be dropped
- public static void
createEmbeddedSecurityTokenReferenceStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain, String
referenceId) throws XMLStreamException, XMLSecurityException {
- Map<QName, String> attributes = new HashMap<QName, String>();
- attributes.put(WSSConstants.ATT_NULL_URI, "#" + referenceId);
abstractOutputProcessor.createStartElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_Reference, attributes);
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_Reference);
}
- public static void
createEmbeddedKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain,
XMLSecurityConstants.TokenType tokenType, String referenceId) throws
XMLStreamException, XMLSecurityException {
+ public static void
createEmbeddedKeyIdentifierStructure(AbstractOutputProcessor
abstractOutputProcessor,
+
OutputProcessorChain outputProcessorChain,
+
XMLSecurityConstants.TokenType tokenType, String referenceId)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
if (tokenType.equals(WSSConstants.Saml10Token) ||
tokenType.equals(WSSConstants.Saml11Token)) {
attributes.put(WSSConstants.ATT_NULL_ValueType,
WSSConstants.NS_SAML10_TYPE);
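Review bot: `createBSTReferenceStructure` now takes a `valueType` that may be null, but nothing documents that null means the ValueType attribute is omitted. `referenceId` is also concatenated into `"#" + referenceId` without a check, so a null id would be written as the URI `#null`. A short Javadoc would cover both: say that the method writes an empty `wsse:Reference` element whose URI is `#referenceId`, that `referenceId` must be non-null, and that a null `valueType` leaves the attribute out. The other WSSUtils hunks only re-wrap method signatures.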
@@ -322,7 +326,9 @@ public class WSSUtils extends XMLSecurit
abstractOutputProcessor.createEndElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_KeyIdentifier);
}
- public static void
createUsernameTokenReferenceStructure(AbstractOutputProcessor
abstractOutputProcessor, OutputProcessorChain outputProcessorChain, String
tokenId) throws XMLStreamException, XMLSecurityException {
+ public static void
createUsernameTokenReferenceStructure(AbstractOutputProcessor
abstractOutputProcessor,
+
OutputProcessorChain outputProcessorChain, String tokenId)
+ throws XMLStreamException, XMLSecurityException {
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_NULL_URI, "#" + tokenId);
attributes.put(WSSConstants.ATT_NULL_ValueType,
WSSConstants.NS_USERNAMETOKEN_PROFILE_UsernameToken);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/BinarySecurityTokenOutputProcessor.java
Thu Nov 3 12:17:40 2011
@@ -153,7 +153,7 @@ public class BinarySecurityTokenOutputPr
if (action.equals(WSSConstants.SIGNATURE)
|| action.equals(WSSConstants.SAML_TOKEN_SIGNED)) {
outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SIGNATURE,
bstId);
- if (((WSSSecurityProperties)
getSecurityProperties()).getSignatureKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE) {
+ if (((WSSSecurityProperties)
getSecurityProperties()).getSignatureKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_APPEND_SIGNATURE_ON_THIS_ID,
bstId);
FinalBinarySecurityTokenOutputProcessor
finalBinarySecurityTokenOutputProcessor = new
FinalBinarySecurityTokenOutputProcessor(getSecurityProperties(), getAction(),
binarySecurityToken);
finalBinarySecurityTokenOutputProcessor.getBeforeProcessors().add(org.swssf.wss.impl.processor.output.SignatureOutputProcessor.class.getName());
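Review bot: The condition `getSignatureKeyIdentifierType() == SECURITY_TOKEN_DIRECT_REFERENCE` now also matches the default that WSSec sets for `SAML_TOKEN_SIGNED` in this commit; the previous default, `EMBEDDED_SECURITY_TOKEN_REF`, did not match `BST_DIRECT_REFERENCE`. With default properties this branch therefore registers `PROP_APPEND_SIGNATURE_ON_THIS_ID` and adds a `FinalBinarySecurityTokenOutputProcessor` where it did not before. The SAMLTokenOutputProcessor hunk at -258 likewise writes a BinarySecurityToken for sender-vouches by default. If that is the intended correction, a comment at the condition saying so would help; the branch continues outside the hunk.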
@@ -162,7 +162,7 @@ public class BinarySecurityTokenOutputPr
}
} else if (action.equals(WSSConstants.ENCRYPT)) {
outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_ENCRYPTED_KEY,
bstId);
- if (((WSSSecurityProperties)
getSecurityProperties()).getEncryptionKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE) {
+ if (((WSSSecurityProperties)
getSecurityProperties()).getEncryptionKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
FinalBinarySecurityTokenOutputProcessor
finalBinarySecurityTokenOutputProcessor = new
FinalBinarySecurityTokenOutputProcessor(getSecurityProperties(), getAction(),
binarySecurityToken);
finalBinarySecurityTokenOutputProcessor.getAfterProcessors().add(org.swssf.wss.impl.processor.output.EncryptEndingOutputProcessor.class.getName());
outputProcessorChain.addProcessor(finalBinarySecurityTokenOutputProcessor);
@@ -184,15 +184,6 @@ public class BinarySecurityTokenOutputPr
outputProcessorChain.getSecurityContext().put(WSSConstants.PROP_USE_THIS_TOKEN_ID_FOR_SECURITYCONTEXTTOKEN,
bstId);
break;
}
- if ((getAction() == WSSConstants.ENCRYPT_WITH_DERIVED_KEY
- && ((WSSSecurityProperties)
getSecurityProperties()).getEncryptionKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE)
- || (getAction() ==
WSSConstants.SIGNATURE_WITH_DERIVED_KEY
- && ((WSSSecurityProperties)
getSecurityProperties()).getSignatureKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE)) {
- FinalBinarySecurityTokenOutputProcessor
finalBinarySecurityTokenOutputProcessor = new
FinalBinarySecurityTokenOutputProcessor(getSecurityProperties(), getAction(),
binarySecurityToken);
-
finalBinarySecurityTokenOutputProcessor.getAfterProcessors().add(org.swssf.wss.impl.processor.output.EncryptEndingOutputProcessor.class.getName());
-
outputProcessorChain.addProcessor(finalBinarySecurityTokenOutputProcessor);
-
binarySecurityToken.setProcessor(finalBinarySecurityTokenOutputProcessor);
- }
}
outputProcessorChain.getSecurityContext().registerSecurityTokenProvider(bstId,
binarySecurityTokenProvider);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/DerivedKeyTokenOutputProcessor.java
Thu Nov 3 12:17:40 2011
@@ -266,9 +266,7 @@ public class DerivedKeyTokenOutputProces
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_wsu_Id, "STRId-" +
UUID.randomUUID().toString());
- if ((keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE
- || keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_EMBEDDED)
- && !useSingleCertificate) {
+ if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE &&
!useSingleCertificate) {
attributes.put(WSSConstants.ATT_wsse11_TokenType,
WSSConstants.NS_X509PKIPathv1);
} else if (derivedKeyTokenReference ==
WSSConstants.DerivedKeyTokenReference.EncryptedKey) {
attributes.put(WSSConstants.ATT_wsse11_TokenType,
WSSConstants.NS_WSS_ENC_KEY_VALUE_TYPE);
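Review bot: The first condition, `keyIdentifierType == SECURITY_TOKEN_DIRECT_REFERENCE && !useSingleCertificate`, is tested before `derivedKeyTokenReference == EncryptedKey`, and WSSec now assigns `SECURITY_TOKEN_DIRECT_REFERENCE` exactly when the derived-key reference is not `DirectReference`. If `keyIdentifierType` here is that derived-key setting (its assignment is outside the hunk), a reference to an EncryptedKey would be tagged with the `NS_X509PKIPathv1` TokenType. The hunk at -286 would then add an X.509 ValueType to its `wsse:Reference`, where the old `EMBEDDED_SECURITY_TOKEN_REF` path wrote the URI alone. Testing the `derivedKeyTokenReference` cases first, and passing `null` as `valueType` when the referenced token is not a certificate, would keep the old output. SignatureEndingOutputProcessor at -91 has the same ordering ahead of its SAML branch.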
@@ -286,12 +284,14 @@ public class DerivedKeyTokenOutputProces
WSSUtils.createX509KeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
} else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER) {
WSSUtils.createThumbprintKeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_EMBEDDED) {
- WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, x509Certificates, useSingleCertificate, true);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE) {
- WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, x509Certificates, useSingleCertificate, false);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF) {
- WSSUtils.createEmbeddedSecurityTokenReferenceStructure(this,
outputProcessorChain, tokenId);
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
+ String valueType;
+ if (useSingleCertificate) {
+ valueType = WSSConstants.NS_X509_V3_TYPE;
+ } else {
+ valueType = WSSConstants.NS_X509PKIPathv1;
+ }
+ WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, valueType);
} else {
throw new
XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
"unsupportedSecurityToken", keyIdentifierType.name());
}
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/EncryptedKeyOutputProcessor.java
Thu Nov 3 12:17:40 2011
@@ -277,9 +277,7 @@ public class EncryptedKeyOutputProcessor
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_wsu_Id, "STRId-" +
UUID.randomUUID().toString());
- if
((keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE.name())
- ||
keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.BST_EMBEDDED.name()))
- && !useSingleCertificate) {
+ if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE &&
!useSingleCertificate) {
attributes.put(WSSConstants.ATT_wsse11_TokenType,
WSSConstants.NS_X509PKIPathv1);
}
createStartElementAndOutputAsEvent(outputProcessorChain,
WSSConstants.TAG_wsse_SecurityTokenReference, attributes);
@@ -287,20 +285,22 @@ public class EncryptedKeyOutputProcessor
X509Certificate[] x509Certificates =
securityToken.getKeyWrappingToken().getX509Certificates();
String tokenId = securityToken.getKeyWrappingToken().getId();
- if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.ISSUER_SERIAL.name()))
{
+ if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.ISSUER_SERIAL) {
createX509IssuerSerialStructure(outputProcessorChain,
x509Certificates);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.SKI_KEY_IDENTIFIER.name()))
{
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SKI_KEY_IDENTIFIER) {
WSSUtils.createX509SubjectKeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.X509_KEY_IDENTIFIER.name()))
{
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.X509_KEY_IDENTIFIER) {
WSSUtils.createX509KeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER.name()))
{
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER) {
WSSUtils.createThumbprintKeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.BST_EMBEDDED.name()))
{
- WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, x509Certificates, useSingleCertificate, true);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE.name()))
{
- WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, x509Certificates, useSingleCertificate, false);
- } else if
(keyIdentifierType.name().equals(WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF.name()))
{
- WSSUtils.createEmbeddedSecurityTokenReferenceStructure(this,
outputProcessorChain, tokenId);
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
+ String valueType;
+ if (useSingleCertificate) {
+ valueType = WSSConstants.NS_X509_V3_TYPE;
+ } else {
+ valueType = WSSConstants.NS_X509PKIPathv1;
+ }
+ WSSUtils.createBSTReferenceStructure(this,
outputProcessorChain, tokenId, valueType);
} else {
throw new
XMLSecurityException(XMLSecurityException.ErrorCode.FAILED_ENCRYPTION,
"unsupportedSecurityToken", keyIdentifierType.name());
}
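Review bot: The X509v3/PKIPath selection for `valueType` is repeated verbatim here and in the DerivedKeyTokenOutputProcessor and SignatureEndingOutputProcessor hunks. One shared expression would keep the three in step, e.g. `String valueType = useSingleCertificate ? WSSConstants.NS_X509_V3_TYPE : WSSConstants.NS_X509PKIPathv1;`, or a small static helper in WSSUtils. With the comparisons now written as `==`, a null `keyIdentifierType` passes every test and reaches `keyIdentifierType.name()` in the final `else`, so the caller would see a NullPointerException instead of the `unsupportedSecurityToken` error. Using `String.valueOf(keyIdentifierType)` in that `throw` avoids it. The method starts outside the hunk.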
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SAMLTokenOutputProcessor.java
Thu Nov 3 12:17:40 2011
@@ -258,7 +258,7 @@ public class SAMLTokenOutputProcessor ex
StartElement startElement = xmlEvent.asStartElement();
if (((WSSDocumentContext)
outputProcessorChain.getDocumentContext()).isInSecurityHeader() &&
startElement.getName().equals(WSSConstants.TAG_wsse_Security)) {
OutputProcessorChain subOutputProcessorChain =
outputProcessorChain.createSubChain(this);
- if (senderVouches && ((WSSSecurityProperties)
getSecurityProperties()).getSignatureKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE) {
+ if (senderVouches && ((WSSSecurityProperties)
getSecurityProperties()).getSignatureKeyIdentifierType() ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
WSSUtils.createBinarySecurityTokenStructure(this,
outputProcessorChain, binarySecurityTokenReferenceId,
securityToken.getX509Certificates(), getSecurityProperties().isUseSingleCert());
}
outputSamlAssertion(samlAssertionWrapper.toDOM(null),
subOutputProcessorChain);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureEndingOutputProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureEndingOutputProcessor.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureEndingOutputProcessor.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/processor/output/SignatureEndingOutputProcessor.java
Thu Nov 3 12:17:40 2011
@@ -91,9 +91,7 @@ public class SignatureEndingOutputProces
Map<QName, String> attributes = new HashMap<QName, String>();
attributes.put(WSSConstants.ATT_wsu_Id, "STRId-" +
UUID.randomUUID().toString());
- if ((keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE
- || keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_EMBEDDED)
- && !useSingleCertificate) {
+ if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE &&
!useSingleCertificate) {
attributes.put(WSSConstants.ATT_wsse11_TokenType,
WSSConstants.NS_X509PKIPathv1);
} else if
(WSSConstants.Saml10Token.equals(securityToken.getTokenType())
||
WSSConstants.Saml11Token.equals(securityToken.getTokenType())) {
@@ -114,13 +112,15 @@ public class SignatureEndingOutputProces
WSSUtils.createX509KeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
} else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER) {
WSSUtils.createThumbprintKeyIdentifierStructure(this,
outputProcessorChain, x509Certificates);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_EMBEDDED) {
- WSSUtils.createBSTReferenceStructure(this, outputProcessorChain,
tokenId, x509Certificates, useSingleCertificate, true);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE) {
- WSSUtils.createBSTReferenceStructure(this, outputProcessorChain,
tokenId, x509Certificates, useSingleCertificate, false);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.EMBEDDED_SECURITY_TOKEN_REF) {
- WSSUtils.createEmbeddedSecurityTokenReferenceStructure(this,
outputProcessorChain, tokenId);
- } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.EMEDDED_KEYIDENTIFIER_REF) {
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE) {
+ String valueType;
+ if (useSingleCertificate) {
+ valueType = WSSConstants.NS_X509_V3_TYPE;
+ } else {
+ valueType = WSSConstants.NS_X509PKIPathv1;
+ }
+ WSSUtils.createBSTReferenceStructure(this, outputProcessorChain,
tokenId, valueType);
+ } else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.EMBEDDED_KEYIDENTIFIER_REF) {
WSSUtils.createEmbeddedKeyIdentifierStructure(this,
outputProcessorChain, securityToken.getTokenType(), tokenId);
} else if (keyIdentifierType ==
WSSConstants.KeyIdentifierType.USERNAMETOKEN_REFERENCE) {
WSSUtils.createUsernameTokenReferenceStructure(this,
outputProcessorChain, tokenId);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/main/java/org/swssf/wss/impl/securityToken/SecurityTokenFactoryImpl.java
Thu Nov 3 12:17:40 2011
@@ -107,14 +107,7 @@ public class SecurityTokenFactoryImpl ex
throw new WSSecurityException("badReferenceURI");
}
uri = WSSUtils.dropReferenceMarker(uri);
- //embedded BST:
- //todo? this seems not to be schema valid!
- /*BinarySecurityTokenType binarySecurityTokenType =
XMLSecurityUtils.getQNameType(referenceType, WSSConstants.TAG_dsig_X509Data)
- if (referenceType.getBinarySecurityTokenType() != null
- &&
uri.equals(referenceType.getBinarySecurityTokenType().getId())) {
- BinarySecurityTokenType binarySecurityTokenType =
referenceType.getBinarySecurityTokenType();
- return new
DelegatingSecurityToken(WSSConstants.KeyIdentifierType.BST_EMBEDDED,
getSecurityToken(binarySecurityTokenType, securityContext, crypto,
callbackHandler, processor));
- } else {//referenced BST:*/
+ //referenced BST:*/
//we have to search BST somewhere in the doc. First we will
check for a BST already processed and
//stored in the context. Otherwise we will abort now.
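Review bot: The added line `//referenced BST:*/` still carries the `*/` that closed the block comment this hunk deletes. Inside a `//` comment it is inert, but it reads as though a block comment ends here, which is misleading in a token-resolution path where a reader needs to be sure no branch is still commented out. I would write it as `//referenced BST:`. The enclosing method starts and ends outside the hunk.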
@@ -133,9 +126,8 @@ public class SecurityTokenFactoryImpl ex
if (securityTokenProvider == null) {
throw new
WSSecurityException(WSSecurityException.ErrorCode.SECURITY_TOKEN_UNAVAILABLE,
"noToken", uri);
}
- return new
DelegatingSecurityToken(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE,
securityTokenProvider.getSecurityToken(crypto));
+ return new
DelegatingSecurityToken(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE,
securityTokenProvider.getSecurityToken(crypto));
}
- //}
throw new
WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY,
"noKeyinfo");
} finally {
securityContext.remove("" + Thread.currentThread().hashCode());
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/DerivedKeyTokenTest.java
Thu Nov 3 12:17:40 2011
@@ -527,6 +527,7 @@ public class DerivedKeyTokenTest extends
securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"),
"default".toCharArray());
securityProperties.setEncryptionUser("receiver");
securityProperties.setEncryptionKeyIdentifierType(WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.THUMBPRINT_IDENTIFIER);
securityProperties.setDerivedKeyTokenReference(WSSConstants.DerivedKeyTokenReference.EncryptedKey);
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/EncDecryptionTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/EncDecryptionTest.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/EncDecryptionTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/EncDecryptionTest.java
Thu Nov 3 12:17:40 2011
@@ -520,7 +520,7 @@ public class EncDecryptionTest extends A
securityProperties.setOutAction(actions);
securityProperties.loadEncryptionKeystore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setEncryptionUser("receiver");
-
securityProperties.setEncryptionKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setEncryptionKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
InputStream sourceDocument =
this.getClass().getClassLoader().getResourceAsStream("testdata/plain-soap-1.1.xml");
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/SignatureTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/SignatureTest.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/SignatureTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/SignatureTest.java
Thu Nov 3 12:17:40 2011
@@ -428,7 +428,7 @@ public class SignatureTest extends Abstr
securityProperties.setOutAction(actions);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
securityProperties.setCallbackHandler(new
org.swssf.wss.test.CallbackHandlerImpl());
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
@@ -805,7 +805,7 @@ public class SignatureTest extends Abstr
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
securityProperties.setUseSingleCert(false);
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
securityProperties.setCallbackHandler(new CallbackHandlerImpl());
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenReferenceTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenReferenceTest.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenReferenceTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenReferenceTest.java
Thu Nov 3 12:17:40 2011
@@ -456,7 +456,7 @@ public class SAMLTokenReferenceTest exte
crypto.setKeyStore(keyStore);
callbackHandler.setCerts(crypto.getCertificates("transmitter"));
securityProperties.setCallbackHandler(callbackHandler);
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.EMEDDED_KEYIDENTIFIER_REF);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.EMBEDDED_KEYIDENTIFIER_REF);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
@@ -540,7 +540,7 @@ public class SAMLTokenReferenceTest exte
crypto.setKeyStore(keyStore);
callbackHandler.setCerts(crypto.getCertificates("transmitter"));
securityProperties.setCallbackHandler(callbackHandler);
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
Modified:
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenSVTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenSVTest.java?rev=1197077&r1=1197076&r2=1197077&view=diff
==============================================================================
---
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenSVTest.java
(original)
+++
webservices/wss4j/branches/swssf/streaming-ws-security/src/test/java/org/swssf/wss/test/saml/SAMLTokenSVTest.java
Thu Nov 3 12:17:40 2011
@@ -68,7 +68,7 @@ public class SAMLTokenSVTest extends Abs
securityProperties.setCallbackHandler(callbackHandler);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos,
"UTF-8", new ArrayList<SecurityEvent>());
@@ -247,7 +247,7 @@ public class SAMLTokenSVTest extends Abs
securityProperties.setCallbackHandler(callbackHandler);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos,
"UTF-8", new ArrayList<SecurityEvent>());
@@ -334,7 +334,7 @@ public class SAMLTokenSVTest extends Abs
securityProperties.setCallbackHandler(callbackHandler);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos,
"UTF-8", new ArrayList<SecurityEvent>());
@@ -423,7 +423,7 @@ public class SAMLTokenSVTest extends Abs
securityProperties.setCallbackHandler(callbackHandler);
securityProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("transmitter.jks"),
"default".toCharArray());
securityProperties.setSignatureUser("transmitter");
-
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.BST_DIRECT_REFERENCE);
+
securityProperties.setSignatureKeyIdentifierType(WSSConstants.KeyIdentifierType.SECURITY_TOKEN_DIRECT_REFERENCE);
OutboundWSSec wsSecOut =
WSSec.getOutboundWSSec(securityProperties);
XMLStreamWriter xmlStreamWriter = wsSecOut.processOutMessage(baos,
"UTF-8", new ArrayList<SecurityEvent>());