Author: coheigea
Date: Mon Jan 16 15:35:36 2012
New Revision: 1232030
URL: http://svn.apache.org/viewvc?rev=1232030&view=rev
Log:
Store the UsernameToken derived key in the UTProcessor
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java?rev=1232030&r1=1232029&r2=1232030&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java
Mon Jan 16 15:35:36 2012
@@ -66,11 +66,17 @@ public class UsernameTokenProcessor impl
UsernameToken token = credential.getUsernametoken();
int action = WSConstants.UT;
+ byte[] secretKey = null;
if (token.getPassword() == null) {
action = WSConstants.UT_NOPASSWORD;
+ if (token.isDerivedKey()) {
+ token.setRawPassword(data);
+ secretKey = token.getDerivedKey();
+ }
}
WSSecurityEngineResult result = new WSSecurityEngineResult(action,
token);
result.put(WSSecurityEngineResult.TAG_ID, token.getID());
+ result.put(WSSecurityEngineResult.TAG_SECRET, secretKey);
if (validator != null) {
result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN,
Boolean.TRUE);
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java?rev=1232030&r1=1232029&r2=1232030&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java
Mon Jan 16 15:35:36 2012
@@ -29,7 +29,6 @@ import org.apache.ws.security.components
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.message.token.BinarySecurity;
import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.saml.SAMLKeyInfo;
import org.apache.ws.security.saml.SAMLUtil;
import org.apache.ws.security.saml.ext.AssertionWrapper;
@@ -250,10 +249,7 @@ public class DerivedKeyTokenSTRParser im
if (bspCompliant) {
BSPEnforcer.checkUsernameTokenBSPCompliance(secRef);
}
- UsernameToken usernameToken =
-
(UsernameToken)result.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
- usernameToken.setRawPassword(data);
- secretKey = usernameToken.getDerivedKey();
+ secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
} else if (WSConstants.ENCR == action) {
if (bspCompliant) {
BSPEnforcer.checkEncryptedKeyBSPCompliance(secRef);
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java?rev=1232030&r1=1232029&r2=1232030&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
Mon Jan 16 15:35:36 2012
@@ -397,7 +397,7 @@ public class SignatureSTRParser implemen
usernameToken.setRawPassword(data);
if (usernameToken.isDerivedKey()) {
- secretKey = usernameToken.getDerivedKey();
+ secretKey =
(byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
} else {
int keyLength =
((Integer)parameters.get(SECRET_KEY_LENGTH)).intValue();
secretKey = usernameToken.getSecretKey(keyLength);
