Author: ruchithf
Date: Sat Jul 14 02:35:56 2007
New Revision: 556251
URL: http://svn.apache.org/viewvc?view=rev&rev=556251
Log:
Fixed a few typos and updated rampart to support latest WSS4J changes
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
Sat Jul 14 02:35:56 2007
@@ -16,26 +16,37 @@
package org.apache.rampart;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.Vector;
-
-import javax.xml.namespace.QName;
-
+import org.apache.axiom.om.OMElement;
import org.apache.axiom.soap.SOAPEnvelope;
import org.apache.axiom.soap.SOAPHeaderBlock;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.rahas.Token;
+import org.apache.rahas.TrustException;
import org.apache.rampart.policy.RampartPolicyData;
import org.apache.rampart.util.Axis2Util;
import org.apache.rampart.util.RampartUtil;
import org.apache.ws.secpolicy.WSSPolicyException;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngine;
+import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.handler.WSHandlerResult;
+import org.apache.ws.security.saml.SAMLKeyInfo;
+import org.apache.ws.security.saml.SAMLUtil;
import org.apache.ws.security.util.WSSecurityUtil;
+import org.opensaml.SAMLAssertion;
+import org.opensaml.SAMLException;
+
+import javax.xml.namespace.QName;
+
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Vector;
public class RampartEngine {
@@ -98,7 +109,10 @@
String actorValue = secHeader.getAttributeValue(new QName(rmd
.getSoapConstants().getEnvelopeURI(), "actor"));
- if(rpd.isSymmetricBinding()) {
+ Crypto signatureCrypto =
RampartUtil.getSignatureCrypto(rpd.getRampartConfig(),
+ msgCtx.getAxisService().getClassLoader());
+ TokenCallbackHandler tokenCallbackHandler = new
TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd));
+ if(rpd.isSymmetricBinding()) {
//Here we have to create the CB handler to get the
tokens from the
//token storage
if(doDebug){
@@ -107,18 +121,16 @@
results =
engine.processSecurityHeader(rmd.getDocument(),
actorValue,
- new
TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd)),
-
RampartUtil.getSignatureCrypto(rpd.getRampartConfig(),
-
msgCtx.getAxisService().getClassLoader()));
+ tokenCallbackHandler,
+ signatureCrypto);
} else {
if(doDebug){
log.debug("Processing security header in normal
path");
}
results =
engine.processSecurityHeader(rmd.getDocument(),
actorValue,
- new
TokenCallbackHandler(rmd.getTokenStorage(), RampartUtil.getPasswordCB(rmd)),
-
RampartUtil.getSignatureCrypto(rpd.getRampartConfig(),
-
msgCtx.getAxisService().getClassLoader()),
+ tokenCallbackHandler,
+ signatureCrypto,
RampartUtil.getEncryptionCrypto(rpd.getRampartConfig(),
msgCtx.getAxisService().getClassLoader()));
}
@@ -127,6 +139,36 @@
t1 = System.currentTimeMillis();
}
+ //Store symm tokens
+ //Pick the first SAML token
+ //TODO : This is a hack , MUST FIX
+ //get the sec context id from the req msg ctx
+
+ for (int j = 0; j < results.size(); j++) {
+ WSSecurityEngineResult wser = (WSSecurityEngineResult)
results.get(j);
+ final Integer actInt =
+ (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if(WSConstants.ST_UNSIGNED == actInt.intValue()) {
+ final SAMLAssertion assertion =
+ ((SAMLAssertion) wser
+ .get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
+ String id = assertion.getId();
+ Date created = assertion.getNotBefore();
+ Date expires = assertion.getNotOnOrAfter();
+ SAMLKeyInfo samlKi = SAMLUtil.getSAMLKeyInfo(assertion,
+ signatureCrypto, tokenCallbackHandler);
+ try {
+ Token token = new Token(id, (OMElement)assertion.toDOM(),
created, expires);
+ token.setSecret(samlKi.getSecret());
+ rmd.getTokenStorage().add(token);
+ } catch (Exception e) {
+ throw new RampartException(
+ "errorInAddingTokenIntoStore", e);
+ }
+
+ }
+
+ }
SOAPEnvelope env =
Axis2Util.getSOAPEnvelopeFromDOMDocument(rmd.getDocument(), true);
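Review bot: The loop added after `processSecurityHeader` stores a token, including `samlKi.getSecret()`, for every result whose action is `WSConstants.ST_UNSIGNED`, and nothing visible in this hunk checks who issued the assertion or whether `getNotBefore()`/`getNotOnOrAfter()` bracket the current time before `rmd.getTokenStorage().add(token)`. If WSS4J does not already enforce issuer trust and the validity window for this action (not visible here), that check belongs before the token is added. `actInt` and `samlKi` are also dereferenced without a null check, and `SAMLUtil.getSAMLKeyInfo(...)` sits outside the `try`, so its failure is not reported as `errorInAddingTokenIntoStore`; a guard such as `if (samlKi == null || samlKi.getSecret() == null) { continue; }` or an explicit `RampartException` would make the failure mode deliberate. The enclosing method starts and ends outside the hunk.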
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/RampartMessageData.java
Sat Jul 14 02:35:56 2007
@@ -49,6 +49,7 @@
import org.apache.ws.security.message.token.SecurityContextToken;
import org.apache.ws.security.util.Loader;
import org.apache.ws.security.util.WSSecurityUtil;
+import org.opensaml.SAMLAssertion;
import org.w3c.dom.Document;
import java.util.List;
@@ -429,7 +430,33 @@
* @return Returns the issuedSignatureTokenId.
*/
public String getIssuedSignatureTokenId() {
- return issuedSignatureTokenId;
+ if(this.isInitiator) {
+ return issuedSignatureTokenId;
+ } else {
+ //Pick the first SAML token
+ //TODO : This is a hack , MUST FIX
+ //get the sec context id from the req msg ctx
+ Vector results =
(Vector)this.msgContext.getProperty(WSHandlerConstants.RECV_RESULTS);
+ for (int i = 0; i < results.size(); i++) {
+ WSHandlerResult rResult = (WSHandlerResult) results.get(i);
+ Vector wsSecEngineResults = rResult.getResults();
+
+ for (int j = 0; j < wsSecEngineResults.size(); j++) {
+ WSSecurityEngineResult wser = (WSSecurityEngineResult)
wsSecEngineResults
+ .get(j);
+ final Integer actInt =
+ (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
+ if(WSConstants.ST_UNSIGNED == actInt.intValue()) {
+ final SAMLAssertion assertion =
+ ((SAMLAssertion) wser
+
.get(WSSecurityEngineResult.TAG_SAML_ASSERTION));
+ return assertion.getId();
+ }
+
+ }
+ }
+ return null;
+ }
}
/**
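Review bot: On the non-initiator path `results` is used without a null check, so `getIssuedSignatureTokenId()` throws a `NullPointerException` whenever `WSHandlerConstants.RECV_RESULTS` has not been set on the message context; `if (results == null) { return null; }` before the outer loop keeps the method's "return null when nothing is found" behaviour. `actInt` needs the same guard if a result can lack `TAG_ACTION`. The branch returns the id of the first `ST_UNSIGNED` assertion found in the received message rather than the token the policy names, which the TODO admits. Until that is fixed, a comment saying that the id is taken from sender-supplied content and must be matched against the token store before use would help the next reader.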
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/TokenCallbackHandler.java
Sat Jul 14 02:35:56 2007
@@ -19,6 +19,7 @@
import org.apache.rahas.Token;
import org.apache.rahas.TokenStorage;
import org.apache.ws.security.WSPasswordCallback;
+import org.w3c.dom.Element;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -44,7 +45,8 @@
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
- if(pc.getUsage() == WSPasswordCallback.SECURITY_CONTEXT_TOKEN
&&
+ if((pc.getUsage() == WSPasswordCallback.SECURITY_CONTEXT_TOKEN
||
+ pc.getUsage() == WSPasswordCallback.CUSTOM_TOKEN) &&
this.store != null) {
String id = pc.getIdentifer();
Token tok;
@@ -54,6 +56,7 @@
if(tok != null) {
//Get the secret and set it in the callback object
pc.setKey(tok.getSecret());
+ pc.setCustomToken((Element)tok.getToken());
}
} catch (Exception e) {
e.printStackTrace();
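Review bot: The added `pc.setCustomToken((Element)tok.getToken())` casts unconditionally, and after the widened condition in the previous hunk it runs for `SECURITY_CONTEXT_TOKEN` callbacks as well as `CUSTOM_TOKEN`. If a stored token's element is not DOM-backed (the STS path in `RampartUtil.getIssuedToken` switches DOOM off while requesting tokens, so this looks possible), the cast throws and the surrounding `catch (Exception e)` only prints the stack trace, so the callback returns as if it had succeeded. A guard such as `if (tok.getToken() instanceof Element) { pc.setCustomToken((Element) tok.getToken()); }`, together with rethrowing instead of `e.printStackTrace()`, would make the failure visible to the caller. The enclosing method starts and ends outside the hunk.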
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
Sat Jul 14 02:35:56 2007
@@ -542,8 +542,38 @@
"errorInDerivedKeyTokenSignature", e);
}
} else {
- //TODO : Example SAMLTOken Signature
- throw new UnsupportedOperationException("TODO");
+ try {
+ WSSecSignature sig = new WSSecSignature();
+ sig.setWsConfig(rmd.getConfig());
+ sig.setCustomTokenId(tok.getId());
+ sig.setCustomTokenValueType(WSConstants.WSS_SAML_NS +
+ WSConstants.SAML_ASSERTION_ID);
+ sig.setSecretKey(tok.getSecret());
+
sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getAsymmetricSignature());
+
sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
+ sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
+ sig.prepare(rmd.getDocument(),
RampartUtil.getSignatureCrypto(rpd
+ .getRampartConfig(), rmd.getCustomClassLoader()),
+ rmd.getSecHeader());
+
+ sig.setParts(sigParts);
+ sig.addReferencesToSign(sigParts, rmd.getSecHeader());
+
+ //Do signature
+ sig.computeSignature();
+
+
+ this.setInsertionLocation(RampartUtil.insertSiblingAfter(
+ rmd,
+ this.getInsertionLocation(),
+ sig.getSignatureElement()));
+
+ return sig.getSignatureValue();
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInSignatureWithACustomToken",
e);
+ }
+
}
}
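Review bot: `sig.setSignatureAlgorithm(...)` is called twice in a row, first with `getAsymmetricSignature()` and then with `getSymmetricSignature()`, so the first call is presumably overwritten; since the key is `tok.getSecret()` with `CUSTOM_SYMM_SIGNING`, the asymmetric line should be deleted so the intended algorithm is unambiguous. The same pair appears in the new `else` branch of `TransportBindingBuilder.java`. `tok.getSecret()` is also handed to `setSecretKey` unchecked; a missing secret would be clearer as a `RampartException` raised here than as a failure inside `computeSignature()`. The enclosing method starts outside the hunk.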
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
Sat Jul 14 02:35:56 2007
@@ -512,19 +512,26 @@
WSSecEncrypt encr = new WSSecEncrypt();
encr.setWsConfig(rmd.getConfig());
-
+ encr.setEncKeyId(encrTokId);
encr.setEphemeralKey(encrTok.getSecret());
RampartUtil.setEncryptionUser(rmd, encr);
encr.setDocument(doc);
+ encr.setEncryptSymmKey(false);
encr.prepare(doc, RampartUtil.getEncryptionCrypto(rpd
.getRampartConfig(), rmd.getCustomClassLoader()));
//Encrypt, get hold of the ref list and add it
refList = encr.encryptForExternalRef(null, encrParts);
- RampartUtil.insertSiblingAfter(rmd,
+ if(encrTokElem != null) {
+ RampartUtil.insertSiblingAfter(rmd,
encrTokElem,
refList);
+ } else {
+ RampartUtil.insertSiblingAfter(rmd,
+ this.timestampElement,
+ refList);
+ }
} catch (WSSecurityException e) {
throw new RampartException("errorInEncryption", e);
}
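Review bot: The new `else` branch inserts `refList` after `this.timestampElement` without checking it for null, while the `TransportBindingBuilder` change in this same commit guards that field with `if(this.timestampElement != null)`. If the policy omits the timestamp and `encrTokElem` is also null, `insertSiblingAfter` receives a null sibling; whether it tolerates that is not visible here. Making the branch `} else if (this.timestampElement != null) {` and throwing a `RampartException` in a final `else` would turn a possible `NullPointerException` into a diagnosable error. The enclosing method starts outside the hunk.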
@@ -594,7 +601,7 @@
MessageContext msgContext = rmd.getMsgContext();
if(rpd.isSymmetricBinding() && !msgContext.isServerSide()) {
- log.debug("Procesing symmentric binding: " +
+ log.debug("Processing symmetric binding: " +
"Setting up encryption token and signature token");
//Setting up encryption token and signature token
@@ -612,7 +619,6 @@
String id = RampartUtil.getIssuedToken(rmd,
issuedToken);
rmd.setIssuedSignatureTokenId(id);
-
}
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
Sat Jul 14 02:35:56 2007
@@ -98,9 +98,6 @@
//Add the UT
utBuilder.appendToHeader(rmd.getSecHeader());
- } else if(token instanceof IssuedToken) {
- //TODO Handle issued token
-
} else {
throw new
RampartException("unsupportedSignedSupportingToken",
new String[]{"{"
+token.getName().getNamespaceURI()
@@ -299,8 +296,18 @@
tokenIncluded = true;
}
-
- //check for dirived keys
+
+ Vector sigParts = new Vector();
+
+ if(this.timestampElement != null){
+ sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
+ }
+
+ if(rpd.isTokenProtection() && tokenIncluded) {
+ sigParts.add(new WSEncryptionPart(id));
+ }
+
+ //check for derived keys
if(token.isDerivedKeys()) {
//Create a derived key and add
try {
@@ -327,16 +334,6 @@
dkSign.appendDKElementToHeader(rmd.getSecHeader());
- Vector sigParts = new Vector();
-
- if(this.timestampElement != null){
- sigParts.add(new WSEncryptionPart(rmd.getTimestampId()));
- }
-
- if(rpd.isTokenProtection() && tokenIncluded) {
- sigParts.add(new WSEncryptionPart(id));
- }
-
dkSign.setParts(sigParts);
dkSign.addReferencesToSign(sigParts, rmd.getSecHeader());
@@ -357,8 +354,44 @@
}
} else {
- //TODO: Do signature withtout derived keys with the Issuedtoken ??
- return null;
+ try {
+ WSSecSignature sig = new WSSecSignature();
+ sig.setWsConfig(rmd.getConfig());
+ sig.setCustomTokenId(tok.getId().substring(1));
+ sig.setCustomTokenValueType(WSConstants.WSS_SAML_NS +
+ WSConstants.SAML_ASSERTION_ID);
+ sig.setSecretKey(tok.getSecret());
+
sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getAsymmetricSignature());
+
sig.setSignatureAlgorithm(rpd.getAlgorithmSuite().getSymmetricSignature());
+ sig.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
+ sig.prepare(rmd.getDocument(),
RampartUtil.getSignatureCrypto(rpd
+ .getRampartConfig(), rmd.getCustomClassLoader()),
+ rmd.getSecHeader());
+
+ sig.setParts(sigParts);
+ sig.addReferencesToSign(sigParts, rmd.getSecHeader());
+
+ //Do signature
+ sig.computeSignature();
+
+ //Add elements to header
+ Element tokElem =
(Element)doc.importNode((Element)tok.getToken(), true);
+
+ this.setInsertionLocation(RampartUtil
+ .insertSiblingAfter(rmd,
+ this.getInsertionLocation(),
+ tokElem));
+
+ this.setInsertionLocation(RampartUtil.insertSiblingAfter(
+ rmd,
+ this.getInsertionLocation(),
+ sig.getSignatureElement()));
+
+ return sig.getSignatureValue();
+
+ } catch (WSSecurityException e) {
+ throw new RampartException("errorInSignatureWithACustomToken",
e);
+ }
}
}
}
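Review bot: `sig.setCustomTokenId(tok.getId().substring(1))` drops the first character of the token id unconditionally, whereas the parallel block added to `BindingBuilder.java` passes `tok.getId()` unchanged. Presumably this strips a leading `#`, but an id stored without one would lose a real character and the signature would then reference a token id that does not exist in the message. Writing it as `String tokId = tok.getId(); if (tokId.startsWith("#")) { tokId = tokId.substring(1); }` makes the intent explicit and safe for both forms. The enclosing method starts outside the hunk.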
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
Sat Jul 14 02:35:56 2007
@@ -40,6 +40,7 @@
errorInAddingTokenIntoStore = Error in adding token into store
errorInDerivedKeyTokenSignature = Error in DerivedKeyToken signature
errorInSignatureWithX509Token = Error in signature with X509Token
+errorInSignatureWithACustomToken = Error in signature with a custom token
errorCreatingEncryptedKey = Error in creating an encrypted key
errorGettingSignatureValuesForSigconf = Error in getting signature values for
signature confirmation
cannotLoadPWCBClass = Cannot load password callback class: {0}
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/handler/RampartReceiver.java
Sat Jul 14 02:35:56 2007
@@ -70,9 +70,9 @@
if (!msgContext.isEngaged(WSSHandlerConstants.SECURITY_MODULE_NAME)) {
return InvocationResponse.CONTINUE;
}
-
+ System.out.println("Received MEssage: \n" + msgContext.getEnvelope() +
"\n\n");
if(mlog.isDebugEnabled()){
- mlog.debug("*********************** RampartReceiver recieved
\n"+msgContext.getEnvelope());
+ mlog.debug("*********************** RampartReceiver received
\n"+msgContext.getEnvelope());
}
RampartEngine engine = new RampartEngine();
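Review bot: The added `System.out.println("Received MEssage: ...")` writes the complete incoming SOAP envelope to standard output for every message that passes the module check, outside the `mlog.isDebugEnabled()` guard. At this point the envelope still carries its security header, so username tokens, SAML assertions and encrypted key material end up in console or container logs that are usually less protected than the debug log and cannot be switched off by configuration. The line should be removed; the `mlog.debug` call directly below already covers troubleshooting when debug logging is enabled. The enclosing method starts and ends outside the hunk.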
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
Sat Jul 14 02:35:56 2007
@@ -462,40 +462,49 @@
String issuerEpr, String action, Policy issuerPolicy) throws
RampartException {
try {
- Axis2Util.useDOOM(false);
-
- STSClient client = new STSClient(rmd.getMsgContext()
- .getConfigurationContext());
- // Set request action
- client.setAction(action);
-
- client.setRstTemplate(rstTemplate);
+ //First check whether the user has provided the token
+ MessageContext msgContext = rmd.getMsgContext();
+ String customTokeId = (String) msgContext
+ .getProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN);
+ if(customTokeId != null) {
+ return customTokeId;
+ } else {
- // Set crypto information
- Crypto crypto =
RampartUtil.getSignatureCrypto(rmd.getPolicyData().getRampartConfig(),
- rmd.getMsgContext().getAxisService().getClassLoader());
- CallbackHandler cbh = RampartUtil.getPasswordCB(rmd);
- client.setCryptoInfo(crypto, cbh);
-
- // Get service policy
- Policy servicePolicy = rmd.getServicePolicy();
-
- // Get service epr
- String servceEprAddress = rmd.getMsgContext()
- .getOptions().getTo().getAddress();
-
- //Make the request
- org.apache.rahas.Token rst =
- client.requestSecurityToken(servicePolicy,
- issuerEpr,
- issuerPolicy,
- servceEprAddress);
-
- //Add the token to token storage
- rst.setState(Token.ISSUED);
- rmd.getTokenStorage().add(rst);
- Axis2Util.useDOOM(true);
- return rst.getId();
+ Axis2Util.useDOOM(false);
+
+ STSClient client = new STSClient(rmd.getMsgContext()
+ .getConfigurationContext());
+ // Set request action
+ client.setAction(action);
+
+ client.setRstTemplate(rstTemplate);
+
+ // Set crypto information
+ Crypto crypto =
RampartUtil.getSignatureCrypto(rmd.getPolicyData().getRampartConfig(),
+ rmd.getMsgContext().getAxisService().getClassLoader());
+ CallbackHandler cbh = RampartUtil.getPasswordCB(rmd);
+ client.setCryptoInfo(crypto, cbh);
+
+ // Get service policy
+ Policy servicePolicy = rmd.getServicePolicy();
+
+ // Get service epr
+ String servceEprAddress = rmd.getMsgContext()
+ .getOptions().getTo().getAddress();
+
+ //Make the request
+ org.apache.rahas.Token rst =
+ client.requestSecurityToken(servicePolicy,
+ issuerEpr,
+ issuerPolicy,
+ servceEprAddress);
+
+ //Add the token to token storage
+ rst.setState(Token.ISSUED);
+ rmd.getTokenStorage().add(rst);
+ Axis2Util.useDOOM(true);
+ return rst.getId();
+ }
} catch (Exception e) {
throw new RampartException("errorInObtainingToken", e);
}
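Review bot: `Axis2Util.useDOOM(true)` is reached only when the STS request succeeds; any exception between `useDOOM(false)` and the `return` leaves DOOM switched off for whatever runs next, depending on how `useDOOM` scopes the setting (not visible here). Wrapping the STS section as `try { … } finally { Axis2Util.useDOOM(true); }` restores it on every path. The new shortcut also returns `customTokeId` from `KEY_CUSTOM_ISSUED_TOKEN` without confirming that `rmd.getTokenStorage()` holds a token with that id, so a stale or mistyped property fails only later during signing; a lookup here with a clear `RampartException` would localise the error. The method signature starts outside the hunk.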
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/client/STSClient.java
Sat Jul 14 02:35:56 2007
@@ -140,7 +140,7 @@
*
* @param issuerAddress
* @param tokenId
- * @return true is the Token was successfully cancelled. False otherwise.
+ * @return true is the Token was successfully canceled. False otherwise.
* @throws TrustException
*/
public boolean cancelToken(String issuerAddress,
@@ -364,7 +364,8 @@
return null;
}
- if (child.getQName().equals(new QName(WSConstants.SIG_NS, "KeyInfo")))
{
+ if (child.getQName().equals(new QName(WSConstants.SIG_NS, "KeyInfo"))
||
+ child.getQName().equals(new QName(WSConstants.WSSE_NS,
"KeyIdentifier"))) {
return child.getText();
} else if(child.getQName().equals(Reference.TOKEN)) {
return child.getAttributeValue(new QName("URI"));
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java?view=diff&rev=556251&r1=556250&r2=556251
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java
Sat Jul 14 02:35:56 2007
@@ -375,19 +375,21 @@
*/
private X509Certificate getServiceCert(SAMLTokenIssuerConfig config,
Crypto crypto, String serviceAddress) throws WSSecurityException {
-
- if (serviceAddress != null && !"".equals(serviceAddress)) {
- String alias = (String) config.trustedServices.get(serviceAddress);
- if (alias != null) {
- return crypto.getCertificates(alias)[0];
- } else {
- alias = (String) config.trustedServices.get("*");
- return crypto.getCertificates(alias)[0];
- }
- } else {
- String alias = (String) config.trustedServices.get("*");
- return crypto.getCertificates(alias)[0];
- }
+
+ return crypto.getCertificates("bob")[0];
+//
+// if (serviceAddress != null && !"".equals(serviceAddress)) {
+// String alias = (String)
config.trustedServices.get(serviceAddress);
+// if (alias != null) {
+// return crypto.getCertificates(alias)[0];
+// } else {
+// alias = (String) config.trustedServices.get("*");
+// return crypto.getCertificates(alias)[0];
+// }
+// } else {
+// String alias = (String) config.trustedServices.get("*");
+// return crypto.getCertificates(alias)[0];
+// }
}
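Review bot: `getServiceCert` now returns `crypto.getCertificates("bob")[0]` for every request and ignores both `serviceAddress` and `config.trustedServices`, which looks like a debugging shortcut committed by accident. With this in place the issuer picks the certificate under the alias `bob` no matter which service the token is requested for, so the configured trusted-service mapping no longer decides which certificate is used, and a keystore without that alias fails on the `[0]` index. The `trustedServices` lookup should be restored and the commented-out copy deleted. When restoring it, a missing `"*"` entry (null `alias`) deserves an explicit `WSSecurityException` rather than being passed to `getCertificates`.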