This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to branch master in repository wss4j.
commit b090d26c783295f0a313970887ef12db152bb0a4 Author: Emmanuel Bourg <[email protected]> Date: Wed Sep 25 12:02:01 2013 +0200 New upstream release (1.6.12) Revamped the build system to use maven-debian-helper --- debian/changelog | 18 +- debian/control | 3 +- debian/libwss4j-java.poms | 28 +++ debian/maven.ignoreRules | 6 + debian/maven.properties | 1 + debian/maven.publishedRules | 2 + debian/maven.rules | 7 + debian/patches/01-no-saml.patch | 464 ++++++++++++++++++++++++++++++++++++++ debian/patches/build.patch | 52 ----- debian/patches/no-opensaml.patch | 254 --------------------- debian/patches/series | 3 +- debian/rules | 27 +-- 12 files changed, 526 insertions(+), 339 deletions(-) diff --git a/debian/changelog b/debian/changelog index 0d2725e..a668c8a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,15 @@ -wss4j (1.5.8+svntag-2.1) UNRELEASED; urgency=low - - * Updated Standards-Version to 3.9.4 (no changes) - * Removed the deprecated DM-Upload-Allowed flag - * Removed the dependency on the JRE for the binary package (not needed) +wss4j (1.6.12-1) UNRELEASED; urgency=low + + * New upstream version + * Refreshed the patches + * debian/control: + - Maintenance transferred to the Debian Java Maintainers + - Updated Standards-Version to 3.9.4 (no changes) + - Removed the deprecated DM-Upload-Allowed flag + - Removed the dependency on the JRE for the binary package (not needed) * Use XZ compression for the upstream tarball - * debian/rules: Use quilt instead of simple-patchsys.mk - * Maintenance transfered to the Debian Java Maintainers + * Revamped the build system to use maven-debian-helper + * Install the Maven artifacts in /usr/share/maven-repo -- Emmanuel Bourg <[email protected]> Mon, 23 Sep 2013 09:18:49 +0200 diff --git a/debian/control b/debian/control index d263553..89d3f52 100644 --- a/debian/control +++ b/debian/control @@ -7,9 +7,10 @@ Build-Depends-Indep: default-jdk, libaxis-java, libbcprov-java, libcommons-logging-java, + libmaven-bundle-plugin-java, libxalan2-java, libxml-security-java -Build-Depends: ant, cdbs (>= 0.4.5.3), debhelper (>= 7) +Build-Depends: ant, cdbs (>= 0.4.5.3), debhelper (>= 7), maven-debian-helper Standards-Version: 3.9.4 Vcs-Git: git://anonscm.debian.org/pkg-java/wss4j.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-java/wss4j.git diff --git a/debian/libwss4j-java.poms b/debian/libwss4j-java.poms new file mode 100644 index 0000000..1d885c3 --- /dev/null +++ b/debian/libwss4j-java.poms @@ -0,0 +1,28 @@ +# List of POM files for the package +# Format of this file is: +# <path to pom file> [option]* +# where option can be: +# --ignore: ignore this POM and its artifact if any +# --ignore-pom: don't install the POM. To use on POM files that are created +# temporarily for certain artifacts such as Javadoc jars. [mh_install, mh_installpoms] +# --no-parent: remove the <parent> tag from the POM +# --package=<package>: an alternative package to use when installing this POM +# and its artifact +# --has-package-version: to indicate that the original version of the POM is the same as the upstream part +# of the version for the package. +# --keep-elements=<elem1,elem2>: a list of XML elements to keep in the POM +# during a clean operation with mh_cleanpom or mh_installpom +# --artifact=<path>: path to the build artifact associated with this POM, +# it will be installed when using the command mh_install. [mh_install] +# --java-lib: install the jar into /usr/share/java to comply with Debian +# packaging guidelines +# --usj-name=<name>: name to use when installing the library in /usr/share/java +# --usj-version=<version>: version to use when installing the library in /usr/share/java +# --no-usj-versionless: don't install the versionless link in /usr/share/java +# --dest-jar=<path>: the destination for the real jar. +# It will be installed with mh_install. [mh_install] +# --classifier=<classifier>: Optional, the classifier for the jar. Empty by default. +# --site-xml=<location>: Optional, the location for site.xml if it needs to be installed. +# Empty by default. [mh_install] +# +pom.xml --has-package-version --java-lib diff --git a/debian/maven.ignoreRules b/debian/maven.ignoreRules new file mode 100644 index 0000000..fb16729 --- /dev/null +++ b/debian/maven.ignoreRules @@ -0,0 +1,6 @@ +org.apache.maven.plugins maven-jxr-plugin * * * * +org.apache.maven.plugins maven-pmd-plugin * * * * +org.apache.maven.plugins maven-project-info-reports-plugin * * * * +org.apache.maven.plugins maven-release-plugin * * * * +org.apache.maven.plugins maven-remote-resources-plugin * * * * +org.opensaml opensaml * * * * diff --git a/debian/maven.properties b/debian/maven.properties new file mode 100644 index 0000000..d2f1b82 --- /dev/null +++ b/debian/maven.properties @@ -0,0 +1 @@ +maven.test.skip=true diff --git a/debian/maven.publishedRules b/debian/maven.publishedRules new file mode 100644 index 0000000..46324d4 --- /dev/null +++ b/debian/maven.publishedRules @@ -0,0 +1,2 @@ + +org.apache.ws.security wss4j s/jar/bundle/ s/.*/debian/ * * diff --git a/debian/maven.rules b/debian/maven.rules new file mode 100644 index 0000000..32d46b6 --- /dev/null +++ b/debian/maven.rules @@ -0,0 +1,7 @@ + +junit junit jar s/4\..*/4.x/ * * +org.apache apache pom s/.*/debian/ * * +org.apache.ws.security wss4j bundle s/.*/debian/ * * +commons-logging s/commons-logging-api/commons-logging/ * s/.*/debian/ * * +log4j log4j * s/1\.2\..*/1.2.x/ * * +org.bouncycastle s/bcprov-jdk15on/bcprov/ * s/.*/debian/ * * diff --git a/debian/patches/01-no-saml.patch b/debian/patches/01-no-saml.patch new file mode 100644 index 0000000..dad5f74 --- /dev/null +++ b/debian/patches/01-no-saml.patch @@ -0,0 +1,464 @@ +Description: SAML is not packaged in Debian yet (RFP #656541). + This patch disables the compilation of the SAML related code. +Author: Emmanuel Bourg <[email protected]> +Forwarded: not-needed +--- a/pom.xml ++++ b/pom.xml +@@ -244,6 +244,11 @@ + <configuration> + <source>1.5</source> + <target>1.5</target> ++ <excludes> ++ <exclude>org/apache/ws/security/saml/**</exclude> ++ <exclude>**/*SAMLToken*</exclude> ++ <exclude>**/SamlAssertionValidator*</exclude> ++ </excludes> + </configuration> + </plugin> + <plugin> +--- a/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java ++++ b/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java +@@ -20,7 +20,6 @@ + package org.apache.ws.security.str; + + import org.apache.ws.security.CustomTokenPrincipal; +-import org.apache.ws.security.SAMLTokenPrincipal; + import org.apache.ws.security.WSConstants; + import org.apache.ws.security.WSDerivedKeyTokenPrincipal; + import org.apache.ws.security.WSDocInfo; +@@ -37,10 +36,6 @@ + import org.apache.ws.security.message.token.SecurityTokenReference; + import org.apache.ws.security.message.token.UsernameToken; + import org.apache.ws.security.processor.Processor; +-import org.apache.ws.security.saml.SAMLKeyInfo; +-import org.apache.ws.security.saml.SAMLUtil; +-import org.apache.ws.security.saml.ext.AssertionWrapper; +-import org.apache.ws.security.saml.ext.OpenSAMLUtil; + import org.apache.ws.security.util.Base64; + import org.apache.ws.security.util.WSSecurityUtil; + import org.w3c.dom.Element; +@@ -152,6 +147,7 @@ + certs = (X509Certificate[])bstResult.get(0).get(WSSecurityEngineResult.TAG_X509_CERTIFICATES); + secretKey = (byte[])bstResult.get(0).get(WSSecurityEngineResult.TAG_SECRET); + principal = (Principal)bstResult.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL); ++/* + } else if (el.equals(WSSecurityEngine.SAML_TOKEN) + || el.equals(WSSecurityEngine.SAML2_TOKEN)) { + Processor proc = data.getWssConfig().getProcessor(WSSecurityEngine.SAML_TOKEN); +@@ -185,6 +181,7 @@ + } + secretKey = keyInfo.getSecret(); + principal = createPrincipalFromSAML(assertion); ++*/ + } else if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)) { + if (bspCompliant) { + BSPEnforcer.checkEncryptedKeyBSPCompliance(secRef); +@@ -212,9 +209,11 @@ + secretKey = + getSecretKeyFromToken(id, SecurityTokenReference.ENC_KEY_SHA1_URI, data); + principal = new CustomTokenPrincipal(id); ++/* + } else if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType()) + || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) { + parseSAMLKeyIdentifier(secRef, wsDocInfo, data, bspCompliant); ++*/ + } else { + parseBSTKeyIdentifier(secRef, crypto, wsDocInfo, data, bspCompliant); + } +@@ -287,6 +286,7 @@ + * @param assertion An AssertionWrapper object + * @return A principal + */ ++/* + private Principal createPrincipalFromSAML( + AssertionWrapper assertion + ) { +@@ -301,6 +301,7 @@ + } + return samlPrincipal; + } ++*/ + + /** + * Get the Secret Key from a CallbackHandler +@@ -341,6 +342,7 @@ + /** + * Parse the KeyIdentifier for a SAML Assertion + */ ++/* + private void parseSAMLKeyIdentifier( + SecurityTokenReference secRef, + WSDocInfo wsDocInfo, +@@ -368,6 +370,7 @@ + principal = createPrincipalFromSAML(assertion); + } + } ++*/ + + /** + * Parse the KeyIdentifier for a BinarySecurityToken +@@ -520,6 +523,7 @@ + secretKey = dkt.deriveKey(keyLength, secret); + principal = dkt.createPrincipal(); + ((WSDerivedKeyTokenPrincipal)principal).setSecret(secret); ++/* + } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { + AssertionWrapper assertion = + (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); +@@ -539,6 +543,7 @@ + secretKey = keyInfo.getSecret(); + publicKey = keyInfo.getPublicKey(); + principal = createPrincipalFromSAML(assertion); ++*/ + } + } + +--- a/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java ++++ b/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java +@@ -33,9 +33,6 @@ + import org.apache.ws.security.message.token.SecurityTokenReference; + import org.apache.ws.security.message.token.UsernameToken; + import org.apache.ws.security.processor.Processor; +-import org.apache.ws.security.saml.SAMLKeyInfo; +-import org.apache.ws.security.saml.SAMLUtil; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + import org.apache.ws.security.util.WSSecurityUtil; + import org.w3c.dom.Element; + +@@ -132,6 +129,7 @@ + } + } else if (secRef.containsKeyIdentifier()) { + String valueType = secRef.getKeyIdentifierValueType(); ++/* + if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(valueType) + || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(valueType)) { + secretKey = +@@ -145,7 +143,7 @@ + secretKey = + getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo, bspCompliant); + } +- } else if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(valueType)) { ++ } else */ if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(valueType)) { + secretKey = + getSecretKeyFromToken(secRef.getKeyIdentifierValue(), valueType, data); + if (secretKey == null) { +@@ -276,6 +274,7 @@ + /** + * Get a SecretKey from a SAML Assertion + */ ++/* + private byte[] getSecretKeyFromAssertion( + AssertionWrapper assertion, + SecurityTokenReference secRef, +@@ -295,6 +294,7 @@ + } + return samlKi.getSecret(); + } ++*/ + + /** + * Process a previous security result +@@ -321,11 +321,13 @@ + String algorithm = (String)parameters.get(SIGNATURE_METHOD); + secretKey = dkt.deriveKey(WSSecurityUtil.getKeyLength(algorithm), secret); + principal = dkt.createPrincipal(); ++/* + } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { + AssertionWrapper assertion = + (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); + secretKey = + getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo, bspCompliant); ++*/ + } else if (WSConstants.SCT == action || WSConstants.BST == action) { + secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET); + } else if (WSConstants.UT_NOPASSWORD == action || WSConstants.UT == action) { +--- a/src/main/java/org/apache/ws/security/str/EncryptedKeySTRParser.java ++++ b/src/main/java/org/apache/ws/security/str/EncryptedKeySTRParser.java +@@ -30,9 +30,6 @@ + import org.apache.ws.security.message.token.BinarySecurity; + import org.apache.ws.security.message.token.SecurityTokenReference; + import org.apache.ws.security.message.token.X509Security; +-import org.apache.ws.security.saml.SAMLKeyInfo; +-import org.apache.ws.security.saml.SAMLUtil; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + import org.w3c.dom.Element; + + import java.security.Principal; +@@ -99,6 +96,7 @@ + if (result != null) { + processPreviousResult(result, secRef, data, wsDocInfo, bspCompliant); + } else if (secRef.containsKeyIdentifier()) { ++/* + if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType()) + || WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) { + AssertionWrapper assertion = +@@ -112,7 +110,7 @@ + SAMLUtil.getCredentialFromSubject(assertion, + data, wsDocInfo, bspCompliant); + certs = samlKi.getCerts(); +- } else { ++ } else */ { + if (bspCompliant) { + BSPEnforcer.checkBinarySecurityBSPCompliance(secRef, null); + } +@@ -221,6 +219,7 @@ + (X509Certificate[])result.get( + WSSecurityEngineResult.TAG_X509_CERTIFICATES + ); ++/* + } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { + AssertionWrapper assertion = + (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); +@@ -232,6 +231,7 @@ + data, + wsDocInfo, bspCompliant); + certs = keyInfo.getCerts(); ++*/ + } else { + throw new WSSecurityException( + WSSecurityException.UNSUPPORTED_SECURITY_TOKEN, +--- a/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java ++++ b/src/main/java/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java +@@ -19,7 +19,6 @@ + + package org.apache.ws.security.processor; + +-import org.apache.ws.security.SAMLTokenPrincipal; + import org.apache.ws.security.WSConstants; + import org.apache.ws.security.WSDocInfo; + import org.apache.ws.security.WSSConfig; +@@ -92,6 +91,7 @@ + result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE); + result.put(WSSecurityEngineResult.TAG_SECRET, returnedCredential.getSecretKey()); + ++/* + if (returnedCredential.getTransformedToken() != null) { + result.put( + WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN, +@@ -100,7 +100,7 @@ + SAMLTokenPrincipal samlPrincipal = + new SAMLTokenPrincipal(credential.getTransformedToken()); + result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal); +- } else if (credential.getPrincipal() != null) { ++ } else */ if (credential.getPrincipal() != null) { + result.put(WSSecurityEngineResult.TAG_PRINCIPAL, credential.getPrincipal()); + } else if (certs != null && certs[0] != null) { + result.put(WSSecurityEngineResult.TAG_PRINCIPAL, certs[0].getSubjectX500Principal()); +--- a/src/main/java/org/apache/ws/security/validate/Credential.java ++++ b/src/main/java/org/apache/ws/security/validate/Credential.java +@@ -28,7 +28,6 @@ + import org.apache.ws.security.message.token.SecurityContextToken; + import org.apache.ws.security.message.token.Timestamp; + import org.apache.ws.security.message.token.UsernameToken; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + + /** + * This class stores various Credential types that can be validated and/or returned by a +@@ -42,8 +41,6 @@ + private Timestamp timestamp; + private UsernameToken usernametoken; + private BinarySecurity binarySecurityToken; +- private AssertionWrapper assertion; +- private AssertionWrapper transformedToken; + private SecurityContextToken securityContextToken; + private Principal principal; + private byte[] secretKey; +@@ -166,33 +163,41 @@ + * Set an AssertionWrapper to be validated + * @param assertion an AssertionWrapper to be validated + */ ++/* + public void setAssertion(AssertionWrapper assertion) { + this.assertion = assertion; + } ++*/ + + /** + * Get an AssertionWrapper to be validated + * @return an AssertionWrapper to be validated + */ ++/* + public AssertionWrapper getAssertion() { + return assertion; + } ++*/ + + /** + * Set an AssertionWrapper instance which corresponds to a Transformed Token. + * @param transformedToken a transformed AssertionWrapper instance + */ ++/* + public void setTransformedToken(AssertionWrapper transformedToken) { + this.transformedToken = transformedToken; + } ++*/ + + /** + * Get an AssertionWrapper instance which corresponds to a Transformed Token. + * @return a transformed AssertionWrapper instance + */ ++/* + public AssertionWrapper getTransformedToken() { + return transformedToken; + } ++*/ + + /** + * Set the principal that supplies context information to the validators. +--- a/src/main/java/org/apache/ws/security/str/BSPEnforcer.java ++++ b/src/main/java/org/apache/ws/security/str/BSPEnforcer.java +@@ -26,7 +26,6 @@ + import org.apache.ws.security.message.token.PKIPathSecurity; + import org.apache.ws.security.message.token.SecurityTokenReference; + import org.apache.ws.security.message.token.X509Security; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + + /** + * This class enforces processing rules for SecurityTokenReferences to various token elements, +@@ -125,6 +124,7 @@ + * @param assertion The SAML Token AssertionWrapper object + * @throws WSSecurityException + */ ++/* + public static void checkSamlTokenBSPCompliance( + SecurityTokenReference secRef, + AssertionWrapper assertion +@@ -187,6 +187,7 @@ + } + } + } ++*/ + + /** + * Check that the Username token referenced by the SecurityTokenReference argument +--- a/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java ++++ b/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java +@@ -24,7 +24,6 @@ + import org.apache.ws.security.message.token.SignatureConfirmation; + import org.apache.ws.security.message.token.Timestamp; + import org.apache.ws.security.message.token.UsernameToken; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + + import java.security.Principal; + import java.security.cert.X509Certificate; +@@ -233,6 +232,7 @@ + put(TAG_ACTION, Integer.valueOf(act)); + } + ++/* + public WSSecurityEngineResult( + int act, + AssertionWrapper ass +@@ -242,6 +242,7 @@ + put(TAG_VALIDATED_TOKEN, Boolean.FALSE); + put(TAG_TOKEN_ELEMENT, ass.getElement()); + } ++*/ + + public WSSecurityEngineResult( + int act, +--- a/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java ++++ b/src/main/java/org/apache/ws/security/processor/UsernameTokenProcessor.java +@@ -19,7 +19,6 @@ + + package org.apache.ws.security.processor; + +-import org.apache.ws.security.SAMLTokenPrincipal; + import org.apache.ws.security.WSConstants; + import org.apache.ws.security.WSDocInfo; + import org.apache.ws.security.WSSConfig; +@@ -82,6 +81,7 @@ + + if (validator != null) { + result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE); ++/* + if (credential.getTransformedToken() != null) { + result.put( + WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN, credential.getTransformedToken() +@@ -89,7 +89,7 @@ + SAMLTokenPrincipal samlPrincipal = + new SAMLTokenPrincipal(credential.getTransformedToken()); + result.put(WSSecurityEngineResult.TAG_PRINCIPAL, samlPrincipal); +- } else { ++ } else */ { + WSUsernameTokenPrincipal principal = + new WSUsernameTokenPrincipal(token.getName(), token.isHashed()); + principal.setNonce(token.getNonce()); +--- a/src/main/java/org/apache/ws/security/WSSConfig.java ++++ b/src/main/java/org/apache/ws/security/WSSConfig.java +@@ -75,6 +75,7 @@ + Integer.valueOf(WSConstants.SIGN), + org.apache.ws.security.action.SignatureAction.class + ); ++/* + tmp.put( + Integer.valueOf(WSConstants.ST_SIGNED), + org.apache.ws.security.action.SAMLTokenSignedAction.class +@@ -83,6 +84,7 @@ + Integer.valueOf(WSConstants.ST_UNSIGNED), + org.apache.ws.security.action.SAMLTokenUnsignedAction.class + ); ++*/ + tmp.put( + Integer.valueOf(WSConstants.TS), + org.apache.ws.security.action.TimestampAction.class +@@ -110,6 +112,7 @@ + static { + final Map<QName, Class<?>> tmp = new HashMap<QName, Class<?>>(); + try { ++/* + tmp.put( + WSSecurityEngine.SAML_TOKEN, + org.apache.ws.security.processor.SAMLTokenProcessor.class +@@ -118,6 +121,7 @@ + WSSecurityEngine.SAML2_TOKEN, + org.apache.ws.security.processor.SAMLTokenProcessor.class + ); ++*/ + tmp.put( + WSSecurityEngine.ENCRYPTED_KEY, + org.apache.ws.security.processor.EncryptedKeyProcessor.class +@@ -181,6 +185,7 @@ + static { + final Map<QName, Class<?>> tmp = new HashMap<QName, Class<?>>(); + try { ++/* + tmp.put( + WSSecurityEngine.SAML_TOKEN, + org.apache.ws.security.validate.SamlAssertionValidator.class +@@ -189,6 +194,7 @@ + WSSecurityEngine.SAML2_TOKEN, + org.apache.ws.security.validate.SamlAssertionValidator.class + ); ++*/ + tmp.put( + WSSecurityEngine.SIGNATURE, + org.apache.ws.security.validate.SignatureTrustValidator.class +--- a/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java ++++ b/src/main/java/org/apache/ws/security/str/DerivedKeyTokenSTRParser.java +@@ -29,9 +29,6 @@ + import org.apache.ws.security.handler.RequestData; + import org.apache.ws.security.message.token.BinarySecurity; + import org.apache.ws.security.message.token.SecurityTokenReference; +-import org.apache.ws.security.saml.SAMLKeyInfo; +-import org.apache.ws.security.saml.SAMLUtil; +-import org.apache.ws.security.saml.ext.AssertionWrapper; + import org.apache.ws.security.util.WSSecurityUtil; + import org.w3c.dom.Element; + +@@ -265,6 +262,7 @@ + secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET); + } else if (WSConstants.SCT == action || WSConstants.BST == action) { + secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET); ++/* + } else if (WSConstants.ST_UNSIGNED == action || WSConstants.ST_SIGNED == action) { + AssertionWrapper assertion = + (AssertionWrapper)result.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); +@@ -277,6 +275,7 @@ + // TODO Handle malformed SAML tokens where they don't have the + // secret in them + secretKey = keyInfo.getSecret(); ++*/ + } else { + throw new WSSecurityException( + WSSecurityException.FAILED_CHECK, "unsupportedKeyId" diff --git a/debian/patches/build.patch b/debian/patches/build.patch deleted file mode 100644 index 3e8ffe7..0000000 --- a/debian/patches/build.patch +++ /dev/null @@ -1,52 +0,0 @@ -diff -Nur -x '*.orig' -x '*~' wss4j/build.xml wss4j.new/build.xml ---- wss4j/build.xml 2009-04-16 10:23:04.000000000 +0200 -+++ wss4j.new/build.xml 2009-07-22 14:47:56.000000000 +0200 -@@ -122,17 +122,8 @@ - - <path id="classpath.library"> - <path refid="classpath.wss4j"/> -- <path refid="classpath.libraries"/> - </path> - -- <taskdef resource="axis-tasks.properties" classpathref= -- "classpath.library"/> -- <taskdef name="runaxisfunctionaltests" classname= -- "org.apache.axis.tools.ant.axis.RunAxisFunctionalTestsTask" -- loaderref="axis"> -- <classpath refid="classpath.library"/> -- </taskdef> -- - <!-- this shall include Axis jars because the tests use the - Axis implementation of javax.xml.soap, etc. Therefore the - CLASSPATH is included. -@@ -328,8 +319,7 @@ - description="Target for the gump run"/> - - <target name="compile" -- depends="compile.library,compile.samples, compile.tests, -- compile.interops, fix.properties" -+ depends="compile.library, fix.properties" - description="compile everything"/> - - <target name="test" -@@ -411,11 +401,6 @@ - <target name="systemTests" unless="skip.tests" depends="compile" - if="junit.present" - description="Runs all JUnit tests"> -- <runaxisfunctionaltests -- url="http://localhost:8088"; -- httpServerTarget="start-functional-test-http-server" -- testTarget="allTests" -- httpStopTarget="stop-functional-test-http-server"/> - </target> - - <target name="start-functional-test-http-server" if="junit.present"> -@@ -707,7 +692,7 @@ - </target> - - <target name="jar" -- depends="compile, test" -+ depends="compile" - description="Creates the ${jar.library}"> - - <jar jarfile="${build.dir}/${jar.library}" diff --git a/debian/patches/no-opensaml.patch b/debian/patches/no-opensaml.patch deleted file mode 100644 index 0c0d187..0000000 --- a/debian/patches/no-opensaml.patch +++ /dev/null @@ -1,254 +0,0 @@ ---- a/build.xml -+++ b/build.xml -@@ -339,6 +339,8 @@ - <!-- Compile the java code from ${dir.src} into ${build.classes} --> - <javac srcdir="${dir.src}" destdir="${build.classes}" debug="on" source="1.3" target="1.3"> - <classpath refid="classpath.library"/> -+ <exclude name="**/*SAMLToken*.java"/> -+ <exclude name="org/apache/ws/security/saml/**"/> - <exclude name="**/Merlin.java" unless="merlin.ok"/> - <exclude name="**/sandbox/**/*.java" if="jdk13.present" /> - </javac> ---- a/src/org/apache/ws/security/message/WSSecDKSign.java -+++ b/src/org/apache/ws/security/message/WSSecDKSign.java -@@ -28,7 +28,7 @@ - import org.apache.ws.security.conversation.ConversationException; - import org.apache.ws.security.message.token.Reference; - import org.apache.ws.security.message.token.SecurityTokenReference; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.transform.STRTransform; - import org.apache.ws.security.util.WSSecurityUtil; - import org.apache.xml.security.algorithms.SignatureAlgorithm; -@@ -295,7 +295,7 @@ - Element ctx = createSTRParameter(document); - transforms.addTransform(STRTransform.implementedTransformURI, ctx); - sig.addDocument("#" + strUri, transforms); -- } else if (elemName.equals("Assertion")) { // Assertion -+ } /* else if (elemName.equals("Assertion")) { // Assertion - String id = SAMLUtil.getAssertionId(envel, elemName, nmSpace); - - Element body = -@@ -319,7 +319,7 @@ - body.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id); - sig.addDocument("#" + id, transforms); - -- } else { -+ } */ else { - Element body = (Element) WSSecurityUtil.findElement(envel, elemName, nmSpace); - if (body == null) { - throw new WSSecurityException( ---- a/src/org/apache/ws/security/message/WSSecSignature.java -+++ b/src/org/apache/ws/security/message/WSSecSignature.java -@@ -1,4 +1,4 @@ --/* -+/* /* - * Copyright 2003-2004 The Apache Software Foundation. - * - * Licensed under the Apache License, Version 2.0 (the "License"); -@@ -31,7 +31,7 @@ - import org.apache.ws.security.message.token.Reference; - import org.apache.ws.security.message.token.SecurityTokenReference; - import org.apache.ws.security.message.token.X509Security; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.transform.STRTransform; - import org.apache.ws.security.util.Base64; - import org.apache.ws.security.util.WSSecurityUtil; -@@ -558,7 +558,7 @@ - Element ctx = createSTRParameter(document); - transforms.addTransform(STRTransform.implementedTransformURI, ctx); - sig.addDocument("#" + strUri, transforms, digestAlgo); -- } else if (elemName.equals("Assertion")) { // Assertion -+ }/* else if (elemName.equals("Assertion")) { // Assertion - String id = null; - id = SAMLUtil.getAssertionId(envelope, elemName, nmSpace); - -@@ -581,7 +581,7 @@ - WSSecurityUtil.setNamespace(body, WSConstants.WSU_NS, WSConstants.WSU_PREFIX); - body.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id); - sig.addDocument("#" + id, transforms, digestAlgo); -- } else { -+ }*/ else { - Element body = - (Element)WSSecurityUtil.findElement(envelope, elemName, nmSpace); - if (body == null) { ---- a/src/org/apache/ws/security/message/WSSignEnvelope.java -+++ b/src/org/apache/ws/security/message/WSSignEnvelope.java -@@ -31,7 +31,7 @@ - import org.apache.ws.security.message.token.Reference; - import org.apache.ws.security.message.token.SecurityTokenReference; - import org.apache.ws.security.message.token.X509Security; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.transform.STRTransform; - import org.apache.ws.security.util.WSSecurityUtil; - import org.apache.xml.security.algorithms.SignatureAlgorithm; -@@ -416,7 +416,7 @@ - transforms.addTransform( - STRTransform.implementedTransformURI, ctx); - sig.addDocument("#" + secRefId, transforms); -- } else if (elemName.equals("Assertion")) { // Assertion -+ } /*else if (elemName.equals("Assertion")) { // Assertion - - String id = null; - id = SAMLUtil.getAssertionId(envelope, elemName, nmSpace); -@@ -443,7 +443,7 @@ - id); - sig.addDocument("#" + id, transforms); - -- } else { -+ } */ else { - Element body = (Element) WSSecurityUtil.findElement( - envelope, elemName, nmSpace); - if (body == null) { ---- a/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java -+++ b/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java -@@ -30,8 +30,8 @@ - import org.apache.ws.security.message.token.DerivedKeyToken; - import org.apache.ws.security.message.token.Reference; - import org.apache.ws.security.message.token.SecurityTokenReference; --import org.apache.ws.security.saml.SAMLKeyInfo; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLKeyInfo; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.util.Base64; - import org.w3c.dom.Element; - -@@ -165,13 +165,14 @@ - this.secret = ((EncryptedKeyProcessor) processor).getDecryptedBytes(); - } else if (processor instanceof SecurityContextTokenProcessor) { - this.secret = ((SecurityContextTokenProcessor) processor).getSecret(); -- } else if (processor instanceof SAMLTokenProcessor) { -+/* } else if (processor instanceof SAMLTokenProcessor) { - SAMLTokenProcessor samlp = (SAMLTokenProcessor) processor; - SAMLKeyInfo keyInfo = - SAMLUtil.getSAMLKeyInfo(samlp.getSamlTokenElement(), crypto, cb); - // TODO Handle malformed SAML tokens where they don't have the - // secret in them - this.secret = keyInfo.getSecret(); -+*/ - } else { - throw new WSSecurityException( - WSSecurityException.FAILED_CHECK, "unsupportedKeyId" ---- a/src/org/apache/ws/security/processor/ReferenceListProcessor.java -+++ b/src/org/apache/ws/security/processor/ReferenceListProcessor.java -@@ -36,8 +36,8 @@ - import org.apache.ws.security.components.crypto.Crypto; - import org.apache.ws.security.message.token.Reference; - import org.apache.ws.security.message.token.SecurityTokenReference; --import org.apache.ws.security.saml.SAMLKeyInfo; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLKeyInfo; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.util.WSSecurityUtil; - import org.apache.xml.security.encryption.XMLCipher; - import org.apache.xml.security.encryption.XMLEncryptionException; -@@ -310,8 +310,8 @@ - } - Processor p = wsDocInfo.getProcessor(id); - if (!(p instanceof EncryptedKeyProcessor -- || p instanceof DerivedKeyTokenProcessor -- || p instanceof SAMLTokenProcessor) -+ || p instanceof DerivedKeyTokenProcessor ) -+/* || p instanceof SAMLTokenProcessor) */ - ) { - // Try custom token - WSPasswordCallback pwcb = new WSPasswordCallback(id, WSPasswordCallback.CUSTOM_TOKEN); -@@ -340,14 +340,14 @@ - } else if (p instanceof DerivedKeyTokenProcessor) { - DerivedKeyTokenProcessor dkp = (DerivedKeyTokenProcessor) p; - decryptedData = dkp.getKeyBytes(WSSecurityUtil.getKeyLength(algorithm)); -- } else if (p instanceof SAMLTokenProcessor) { -+ } /*else if (p instanceof SAMLTokenProcessor) { - SAMLTokenProcessor samlp = (SAMLTokenProcessor) p; - SAMLKeyInfo keyInfo = - SAMLUtil.getSAMLKeyInfo(samlp.getSamlTokenElement(), crypto, cb); - // TODO Handle malformed SAML tokens where they don't have the - // secret in them - decryptedData = keyInfo.getSecret(); -- } -+ }*/ - } else if (secRef.containsKeyIdentifier()){ - String sha = secRef.getKeyIdentifierValue(); - WSPasswordCallback pwcb = ---- a/src/org/apache/ws/security/processor/SignatureProcessor.java -+++ b/src/org/apache/ws/security/processor/SignatureProcessor.java -@@ -42,8 +42,8 @@ - import org.apache.ws.security.message.token.SecurityTokenReference; - import org.apache.ws.security.message.token.UsernameToken; - import org.apache.ws.security.message.token.X509Security; --import org.apache.ws.security.saml.SAMLKeyInfo; --import org.apache.ws.security.saml.SAMLUtil; -+//import org.apache.ws.security.saml.SAMLKeyInfo; -+//import org.apache.ws.security.saml.SAMLUtil; - import org.apache.ws.security.util.WSSecurityUtil; - import org.apache.xml.security.exceptions.XMLSecurityException; - import org.apache.xml.security.keys.KeyInfo; -@@ -51,7 +51,7 @@ - import org.apache.xml.security.signature.SignedInfo; - import org.apache.xml.security.signature.XMLSignature; - import org.apache.xml.security.signature.XMLSignatureException; --import org.opensaml.SAMLAssertion; -+//import org.opensaml.SAMLAssertion; - import org.w3c.dom.Element; - import org.w3c.dom.Node; - -@@ -208,7 +208,7 @@ - byte[] secretKey = null; - UsernameToken ut = null; - DerivedKeyToken dkt = null; -- SAMLKeyInfo samlKi = null; -+ //SAMLKeyInfo samlKi = null; - String customTokenId = null; - java.security.PublicKey publicKey = null; - -@@ -268,7 +268,7 @@ - if (el.equals(WSSecurityEngine.binaryToken)) { - // TODO: Use results from BinarySecurityTokenProcessor - certs = getCertificatesTokenReference(token, crypto); -- } else if (el.equals(WSSecurityEngine.SAML_TOKEN)) { -+/* } else if (el.equals(WSSecurityEngine.SAML_TOKEN)) { - if (crypto == null) { - throw new WSSecurityException( - WSSecurityException.FAILURE, "noSigCryptoFile" -@@ -277,7 +277,7 @@ - samlKi = SAMLUtil.getSAMLKeyInfo(token, crypto, cb); - certs = samlKi.getCerts(); - secretKey = samlKi.getSecret(); -- -+*/ - } else if (el.equals(WSSecurityEngine.ENCRYPTED_KEY)){ - String encryptedKeyID = token.getAttributeNS(null,"Id"); - EncryptedKeyProcessor encryptKeyProcessor = -@@ -349,7 +349,7 @@ - ); - } - secretKey = pwcb.getKey(); -- } else if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) { -+/* } else if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(secRef.getKeyIdentifierValueType())) { - Element token = - secRef.getKeyIdentifierTokenElement(elem.getOwnerDocument(), wsDocInfo, cb); - -@@ -361,6 +361,7 @@ - samlKi = SAMLUtil.getSAMLKeyInfo(token, crypto, cb); - certs = samlKi.getCerts(); - secretKey = samlKi.getSecret(); -+*/ - } else { - certs = secRef.getKeyIdentifier(crypto); - } -@@ -514,11 +515,12 @@ - } - principal.setBasetokenId(basetokenId); - return principal; -- } else if (samlKi != null) { -+/* } else if (samlKi != null) { - final SAMLAssertion assertion = samlKi.getAssertion(); - CustomTokenPrincipal principal = new CustomTokenPrincipal(assertion.getId()); - principal.setTokenObject(assertion); - return principal; -+*/ - } else if (secretKey != null) { - // This is the custom key scenario - return new CustomTokenPrincipal(customTokenId); diff --git a/debian/patches/series b/debian/patches/series index 90b9ba2..1591d9b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1 @@ -build.patch -no-opensaml.patch +01-no-saml.patch diff --git a/debian/rules b/debian/rules index de40c1f..b1754d7 100755 --- a/debian/rules +++ b/debian/rules @@ -1,30 +1,11 @@ #!/usr/bin/make -f include /usr/share/cdbs/1/rules/debhelper.mk -include /usr/share/cdbs/1/class/ant.mk +include /usr/share/cdbs/1/class/maven.mk -SRCARCHIVE := http://www.apache.org/dist/ws/wss4j -SRCDIRECTORY := $(shell echo $(DEB_UPSTREAM_VERSION) | sed 'y/\./_/') -UPSTREAM_VERSION := $(shell echo $(DEB_UPSTREAM_VERSION) | sed 's/\+svntag//') -JAVA_HOME := /usr/lib/jvm/default-java -DEB_ANT_CLEAN_TARGET := debian-clean -DEB_ANT_BUILDFILE := debian/build.xml -DEB_JARS := axis commons-logging xalan2 bcprov jaxrpc xmlsec +JAVA_HOME := /usr/lib/jvm/default-java -DEB_INSTALL_CHANGELOGS_ALL = ChangeLog.txt - -binary-post-install/lib$(DEB_SOURCE_PACKAGE)-java:: - dh_install -plib$(DEB_SOURCE_PACKAGE)-java build/$(DEB_SOURCE_PACKAGE)-$(UPSTREAM_VERSION).jar usr/share/java - dh_link -plib$(DEB_SOURCE_PACKAGE)-java usr/share/java/$(DEB_SOURCE_PACKAGE)-$(UPSTREAM_VERSION).jar usr/share/java/$(DEB_SOURCE_PACKAGE).jar +DEB_INSTALL_CHANGELOGS_ALL := ChangeLog.txt get-orig-source: - ./debian/orig-tar.sh --upstream-version $(UPSTREAM_VERSION) - -get-orig-source-from-zip: - mkdir -p orig_tmp - cd orig_tmp && \ - wget $(SRCARCHIVE)/$(SRCDIRECTORY)/wss4j-src-$(UPSTREAM_VERSION).zip && \ - unzip wss4j-src-$(UPSTREAM_VERSION).zip && \ - GZIP="--best --no-name" tar czf ../../wss4j_$(UPSTREAM_VERSION).orig.tar.gz wss4j && \ - cd .. - rm -rf orig_tmp + uscan --download-version $(DEB_UPSTREAM_VERSION) --force-download --rename -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/wss4j.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
