Author: dkulp
Date: Tue Apr 2 19:28:01 2013
New Revision: 1463709
URL: http://svn.apache.org/r1463709
Log:
The child policy of BootstrapPolicy should not be used as part of the
normalization and vocabulary of the currently being processed message as it's
just used to setup the policy for the interaction with the secure conversation
endpoint.
Added:
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/builders/BootstrapPolicyBuilder.java
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/BootstrapPolicy.java
Modified:
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/SecureConversationToken.java
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/AbstractTestBase.java
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/SecureConversationTokenTest.java
webservices/wss4j/trunk/policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml
webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcerFactory.java
Added:
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/builders/BootstrapPolicyBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/builders/BootstrapPolicyBuilder.java?rev=1463709&view=auto
==============================================================================
---
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/builders/BootstrapPolicyBuilder.java
(added)
+++
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/builders/BootstrapPolicyBuilder.java
Tue Apr 2 19:28:01 2013
@@ -0,0 +1,54 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.policy.builders;
+
+import javax.xml.namespace.QName;
+
+import org.w3c.dom.Element;
+
+import org.apache.neethi.Assertion;
+import org.apache.neethi.AssertionBuilderFactory;
+import org.apache.neethi.Policy;
+import org.apache.neethi.builders.AssertionBuilder;
+import org.apache.wss4j.policy.SP11Constants;
+import org.apache.wss4j.policy.SP13Constants;
+import org.apache.wss4j.policy.SPConstants;
+import org.apache.wss4j.policy.SPUtils;
+import org.apache.wss4j.policy.model.BootstrapPolicy;
+
+public class BootstrapPolicyBuilder implements AssertionBuilder<Element> {
+
+ public BootstrapPolicyBuilder() {
+ }
+
+ public Assertion build(Element element, AssertionBuilderFactory factory)
throws IllegalArgumentException {
+ final SPConstants.SPVersion spVersion =
SPConstants.SPVersion.getSPVersion(element.getNamespaceURI());
+ final Element nestedPolicyElement =
SPUtils.getFirstPolicyChildElement(element);
+ if (nestedPolicyElement == null) {
+ throw new IllegalArgumentException("sp:BootstrapPolicy must have
an inner wsp:Policy element");
+ }
+ final Policy nestedPolicy =
factory.getPolicyEngine().getPolicy(nestedPolicyElement);
+ return new BootstrapPolicy(spVersion, nestedPolicy);
+ }
+
+ public QName[] getKnownElements() {
+ return new QName[]{SP13Constants.BOOTSTRAP_POLICY,
SP11Constants.BOOTSTRAP_POLICY};
+ }
+
+}
Added:
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/BootstrapPolicy.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/BootstrapPolicy.java?rev=1463709&view=auto
==============================================================================
---
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/BootstrapPolicy.java
(added)
+++
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/BootstrapPolicy.java
Tue Apr 2 19:28:01 2013
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.wss4j.policy.model;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.neethi.Policy;
+import org.apache.wss4j.policy.SPConstants.SPVersion;
+
+/**
+ * A BootstrapPolicy is held internally to a SecureConversationToken
+ *
+ * While a BootstrapPolicy element DOES contain an internal Policy, this
+ * token is NOT considered a PolicyContainingAssertion for the purpose of
+ * calculating things like normalized policies and vocabulary.
+ */
+public class BootstrapPolicy extends AbstractSecurityAssertion {
+ private final Policy nestedPolicy;
+
+ public BootstrapPolicy(SPVersion version, Policy nestedPolicy) {
+ super(version);
+ this.nestedPolicy = nestedPolicy;
+ }
+
+ public QName getName() {
+ return super.getVersion().getSPConstants().getBootstrapPolicy();
+ }
+
+ public Policy getPolicy() {
+ return nestedPolicy;
+ }
+
+ public void serialize(XMLStreamWriter writer) throws XMLStreamException {
+ super.serialize(writer, nestedPolicy);
+ }
+
+ protected AbstractSecurityAssertion cloneAssertion(Policy nestedPolicy) {
+ return this;
+ }
+
+}
Modified:
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/SecureConversationToken.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/SecureConversationToken.java?rev=1463709&r1=1463708&r2=1463709&view=diff
==============================================================================
---
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/SecureConversationToken.java
(original)
+++
webservices/wss4j/trunk/policy/src/main/java/org/apache/wss4j/policy/model/SecureConversationToken.java
Tue Apr 2 19:28:01 2013
@@ -20,7 +20,6 @@ package org.apache.wss4j.policy.model;
import org.apache.neethi.Assertion;
import org.apache.neethi.Policy;
-import org.apache.neethi.builders.PolicyContainingPrimitiveAssertion;
import org.apache.wss4j.policy.SPConstants;
import org.w3c.dom.Element;
@@ -30,7 +29,7 @@ import java.util.List;
public class SecureConversationToken extends SecurityContextToken {
- private Policy bootstrapPolicy;
+ private BootstrapPolicy bootstrapPolicy;
private boolean mustNotSendCancel;
private boolean mustNotSendAmend;
@@ -93,8 +92,8 @@ public class SecureConversationToken ext
if (secureConversationToken.getBootstrapPolicy() != null) {
throw new
IllegalArgumentException(SPConstants.ERR_INVALID_POLICY);
}
- PolicyContainingPrimitiveAssertion
policyContainingPrimitiveAssertion = (PolicyContainingPrimitiveAssertion)
assertion;
-
secureConversationToken.setBootstrapPolicy(policyContainingPrimitiveAssertion.getPolicy());
+ BootstrapPolicy bootstrap = (BootstrapPolicy) assertion;
+ secureConversationToken.setBootstrapPolicy(bootstrap);
continue;
}
}
@@ -125,11 +124,11 @@ public class SecureConversationToken ext
this.mustNotSendRenew = mustNotSendRenew;
}
- public Policy getBootstrapPolicy() {
+ public BootstrapPolicy getBootstrapPolicy() {
return bootstrapPolicy;
}
- protected void setBootstrapPolicy(Policy bootstrapPolicy) {
+ protected void setBootstrapPolicy(BootstrapPolicy bootstrapPolicy) {
this.bootstrapPolicy = bootstrapPolicy;
}
}
Modified:
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/AbstractTestBase.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/AbstractTestBase.java?rev=1463709&r1=1463708&r2=1463709&view=diff
==============================================================================
---
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/AbstractTestBase.java
(original)
+++
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/AbstractTestBase.java
Tue Apr 2 19:28:01 2013
@@ -97,6 +97,7 @@ public abstract class AbstractTestBase e
assertionBuilderFactory.registerBuilder(new RequiredPartsBuilder());
assertionBuilderFactory.registerBuilder(new SamlTokenBuilder());
assertionBuilderFactory.registerBuilder(new
SecureConversationTokenBuilder());
+ assertionBuilderFactory.registerBuilder(new BootstrapPolicyBuilder());
assertionBuilderFactory.registerBuilder(new
SecurityContextTokenBuilder());
assertionBuilderFactory.registerBuilder(new SignatureTokenBuilder());
assertionBuilderFactory.registerBuilder(new SignedElementsBuilder());
Modified:
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/SecureConversationTokenTest.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/SecureConversationTokenTest.java?rev=1463709&r1=1463708&r2=1463709&view=diff
==============================================================================
---
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/SecureConversationTokenTest.java
(original)
+++
webservices/wss4j/trunk/policy/src/test/java/org/apache/wss4j/policy/tests/SecureConversationTokenTest.java
Tue Apr 2 19:28:01 2013
@@ -68,7 +68,7 @@ public class SecureConversationTokenTest
assertEquals(1, policyComponents.size());
PolicyOperator policyOperator = (PolicyOperator)
policyComponents.get(0);
policyComponents = policyOperator.getPolicyComponents();
- assertEquals(3, policyComponents.size());
+ assertEquals(2, policyComponents.size());
All all = (All) policyComponents.get(0);
List<PolicyComponent> policyComponentsAll = all.getAssertions();
assertEquals(0, policyComponentsAll.size());
Modified:
webservices/wss4j/trunk/policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml?rev=1463709&r1=1463708&r2=1463709&view=diff
==============================================================================
---
webservices/wss4j/trunk/policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml
(original)
+++
webservices/wss4j/trunk/policy/src/test/resources/policy/model/sp12/normalized/SecureConversationToken.xml
Tue Apr 2 19:28:01 2013
@@ -16,39 +16,10 @@
<sp:MustNotSendAmend/>
<sp:MustNotSendRenew/>
<sp:BootstrapPolicy>
- <wsp:Policy
xmlns:wsp="http://www.w3.org/ns/ws-policy";>
+ <wsp:Policy>
<wsp:ExactlyOne>
- <wsp:All>
- <Test1 xmlns=""></Test1>
- </wsp:All>
- </wsp:ExactlyOne>
- </wsp:Policy>
- </sp:BootstrapPolicy>
- </wsp:All>
- </wsp:ExactlyOne>
- </wsp:Policy>
- </sp:SecureConversationToken>
- </wsp:All>
- <wsp:All>
- <sp:SecureConversationToken
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
-
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Once";
- wsp:Ignorable="true">
- <sp:IssuerName>issuerName</sp:IssuerName>
- <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";>
- <wsp:ExactlyOne>
- <wsp:All>
- <sp:RequireDerivedKeys/>
- <sp:RequireExternalUriReference/>
- <sp:SC13SecurityContextToken/>
- <sp:MustNotSendCancel/>
- <sp:MustNotSendAmend/>
- <sp:MustNotSendRenew/>
- <sp:BootstrapPolicy>
- <wsp:Policy
xmlns:wsp="http://www.w3.org/ns/ws-policy";>
- <wsp:ExactlyOne>
- <wsp:All>
- <Test2 xmlns=""></Test2>
- </wsp:All>
+ <Test1 xmlns=""></Test1>
+ <Test2 xmlns=""></Test2>
</wsp:ExactlyOne>
</wsp:Policy>
</sp:BootstrapPolicy>
@@ -58,4 +29,13 @@
</sp:SecureConversationToken>
</wsp:All>
</wsp:ExactlyOne>
-</wsp:Policy>
\ No newline at end of file
+</wsp:Policy>
+
+
+
+
+
+
+
+
+
Modified:
webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcerFactory.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcerFactory.java?rev=1463709&r1=1463708&r2=1463709&view=diff
==============================================================================
---
webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcerFactory.java
(original)
+++
webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcerFactory.java
Tue Apr 2 19:28:01 2013
@@ -49,6 +49,7 @@ import org.apache.neethi.builders.Assert
import org.apache.wss4j.policy.WSSPolicyException;
import org.apache.wss4j.policy.builders.AlgorithmSuiteBuilder;
import org.apache.wss4j.policy.builders.AsymmetricBindingBuilder;
+import org.apache.wss4j.policy.builders.BootstrapPolicyBuilder;
import org.apache.wss4j.policy.builders.ContentEncryptedElementsBuilder;
import org.apache.wss4j.policy.builders.EncryptedElementsBuilder;
import org.apache.wss4j.policy.builders.EncryptedPartsBuilder;
@@ -132,6 +133,7 @@ public class PolicyEnforcerFactory {
assertionBuilders.add(new RequiredPartsBuilder());
assertionBuilders.add(new SamlTokenBuilder());
assertionBuilders.add(new SecureConversationTokenBuilder());
+ assertionBuilders.add(new BootstrapPolicyBuilder());
assertionBuilders.add(new SecurityContextTokenBuilder());
assertionBuilders.add(new SignatureTokenBuilder());
assertionBuilders.add(new SignedElementsBuilder());
