This is an automated email from the ASF dual-hosted git repository.

robertlazarski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git


The following commit(s) were added to refs/heads/master by this push:
     new b0f00965 RAMPART-335 X509V3 KeyIdentifier cannot be set dynmaically
b0f00965 is described below

commit b0f0096543e1ef494b0356740ec76fda7d5def56
Author: Robert Lazarski <robertlazar...@gmail.com>
AuthorDate: Wed Nov 6 09:18:13 2024 -1000

    RAMPART-335 X509V3 KeyIdentifier cannot be set dynmaically
---
 .../main/java/org/apache/rampart/util/RampartUtil.java |  5 +++++
 .../java/org/apache/ws/secpolicy/model/X509Token.java  | 18 +++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git 
a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java 
b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
index 78c6ae64..2ed59869 100644
--- 
a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
+++ 
b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
@@ -491,6 +491,8 @@ public class RampartUtil {
             return WSConstants.THUMBPRINT_IDENTIFIER;
         } else if (token.isRequireEmbeddedTokenReference()) {
             return WSConstants.BST_DIRECT_REFERENCE;
+        } else if (token.isRequireX509V3KeyIdentifierReference()) {
+            return WSConstants.X509_KEY_IDENTIFIER;
         } else {
             throw new RampartException(
                     "unknownKeyRefSpeficier");
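Review bot: The new `isRequireX509V3KeyIdentifierReference()` branch sits last in the else-if chain, so it only takes effect when none of the earlier reference flags on the token is set, and that precedence is not stated anywhere in the hunk. The same flag-to-constant mapping is repeated in the next hunk of this file (the `secBase.setKeyIdentifierType(...)` chain), where the new branch is placed directly after the thumbprint check, so the two chains can drift apart on the next addition. I would add a comment above the chain such as `// Precedence: first matching Require* flag wins; the X509V3 key identifier flag is consulted last.` and consider having the second chain reuse this method. The enclosing method starts and ends outside the hunk, so the earlier branches are not all visible here.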
@@ -1459,6 +1461,9 @@ public class RampartUtil {
                        } else if (x509Token.isRequireThumbprintReference()) {
                                
secBase.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
                                tokenTypeSet = true;
+                       } else if 
(x509Token.isRequireX509V3KeyIdentifierReference()) {
+                                
secBase.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
+                                tokenTypeSet = true;
                        } else if (log.isDebugEnabled()) {
                                log.debug("RampartUtil.setKeyIdentifierType() 
found a Token that is an instanceof X509Token but was not able to identify the 
correcc constant to set on WSSecBase.setKeyIdentifierType()" );
                         }
diff --git 
a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java
 
b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java
index c81a9593..57e733b6 100644
--- 
a/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java
+++ 
b/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/X509Token.java
@@ -36,6 +36,8 @@ public class X509Token extends Token {
     
     private boolean requireThumbprintReference;
     
+    private boolean requireX509V3KeyIdentifierReference;
+    
     private String tokenVersionAndType = Constants.WSS_X509_V3_TOKEN10;
     
     private String encryptionUser;
@@ -120,6 +122,20 @@ public class X509Token extends Token {
         this.requireThumbprintReference = requireThumbprintReference;
     }
 
+    /**
+     * @return Returns the requireX509V3KeyIdentifierReference
+     */
+    public boolean isRequireX509V3KeyIdentifierReference() {
+        return requireX509V3KeyIdentifierReference;
+    }
+    
+    /**
+     * @param requireX509V3KeyIdentifierReference The 
requireX509V3KeyIdentifierReference to set
+     */
+    public void setRequireX509V3KeyIdentifierReference(boolean 
requireX509V3KeyIdentifierReference) {
+        this.requireX509V3KeyIdentifierReference = 
requireX509V3KeyIdentifierReference;
+    }
+    
     /**
      * @return Returns the tokenVersionAndType.
      */
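Review bot: The Javadoc on the new accessor pair only restates the field name and does not say what the flag selects or how it differs from `requireKeyIdentifierReference`. Going by the RampartUtil change in this commit the flag maps to `WSConstants.X509_KEY_IDENTIFIER`, and going by the serialize change it is written out as `sp:RequireKeyIdentifierReference`; both belong in the doc. Suggested getter text: `@return true if the token must be referenced by its X509v3 key identifier (WSConstants.X509_KEY_IDENTIFIER)`. No policy builder change is visible in this commit, so the flag appears to be settable only from code; if that is the intent, the setter's Javadoc should say so.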
@@ -169,7 +185,7 @@ public class X509Token extends Token {
         // <wsp:Policy>
         writeStartElement(writer, SPConstants.POLICY);
         
-        if (isRequireKeyIdentifierReference()) {
+        if (isRequireKeyIdentifierReference() || 
isRequireX509V3KeyIdentifierReference()) {
             // <sp:RequireKeyIdentifierReference />
             writeEmptyElement(writer, prefix, 
SPConstants.REQUIRE_KEY_IDENTIFIRE_REFERENCE, namespaceURI);
         }
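Review bot: Serialization is lossy for the new flag: when only `isRequireX509V3KeyIdentifierReference()` is true, the condition emits the same `<sp:RequireKeyIdentifierReference />` element as the generic flag. A policy that is written out and parsed again would presumably come back with `requireKeyIdentifierReference` set instead, and could then resolve to a different key identifier type in RampartUtil. That can leave the two ends of an exchange referencing the signing or encryption certificate differently from what was configured. If no distinct assertion exists for this case, record it at the condition, e.g. `// X509V3 flag has no policy element of its own; it round-trips as RequireKeyIdentifierReference`. The serialize method starts and ends outside the hunk.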
