Author: ruchithf
Date: Wed Aug 8 01:30:15 2007
New Revision: 563788
URL: http://svn.apache.org/viewvc?view=rev&rev=563788
Log:
Fixed RAMPART-64
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/services-12.xml
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
(original)
+++
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
Wed Aug 8 01:30:15 2007
@@ -29,6 +29,8 @@
import org.apache.ws.secpolicy.Constants;
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.Token;
+import org.apache.ws.secpolicy.model.Wss10;
+import org.apache.ws.secpolicy.model.Wss11;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
@@ -156,6 +158,21 @@
encr.setDocument(doc);
RampartUtil.setEncryptionUser(rmd, encr);
encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
+
if(encryptionToken.getInclusion().equals(Constants.INCLUDE_NEVER)) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
+
encr.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+
encr.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+
encr.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ }
+ } else {
+
encr.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+ }
encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
encr.prepare(doc, RampartUtil.getEncryptionCrypto(config,
rmd.getCustomClassLoader()));
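Review bot: The added line `} if(wss.isMustSupportRefIssuerSerial()) {` is missing an `else`, so the SKI choice made by the branch before it is overwritten whenever the policy also asserts issuer-serial support or, for Wss11, thumbprint support. As written, `SKI_KEY_IDENTIFIER` survives only when neither other flag is set, which looks unintended given the order of the branches; change the line to `} else if(wss.isMustSupportRefIssuerSerial()) {`. The same construct is repeated in the `@@ -427` hunk of this file, in both BindingBuilder.java hunks (`@@ -175` and `@@ -207`), and in the trunk copies of all four. The enclosing method starts and ends outside the hunk.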
@@ -427,9 +444,15 @@
if(encrToken.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- if(rpd.getWss10() != null &&
rpd.getWss10().isMustSupportRefKeyIdentifier()) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
encr.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
- } else if(rpd.getWss11() != null &&
rpd.getWss11().isMustSupportRefThumbprint()) {
+ } if(wss.isMustSupportRefIssuerSerial()) {
+
encr.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
encr.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
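Review bot: `wss.isMustSupportRefKeyIdentifier()` is called with no null check, although the removed lines guarded both `rpd.getWss10() != null` and `rpd.getWss11() != null`. A policy that carries neither a Wss10 nor a Wss11 assertion would presumably now fail with a NullPointerException rather than skip the selection. Either wrap the chain in `if(wss != null) { ... }` after the fallback assignment, or reject such a policy with an explicit error that names the missing assertion. The unguarded dereference also appears in the `@@ -156` hunk of this file, in both BindingBuilder.java hunks, and in the trunk copies.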
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
(original)
+++
webservices/rampart/branches/java/1_3/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
Wed Aug 8 01:30:15 2007
@@ -42,6 +42,8 @@
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.Token;
import org.apache.ws.secpolicy.model.UsernameToken;
+import org.apache.ws.secpolicy.model.Wss10;
+import org.apache.ws.secpolicy.model.Wss11;
import org.apache.ws.secpolicy.model.X509Token;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
@@ -175,16 +177,21 @@
WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- if(rpd.getWss11() != null) {
- //Use thumbprint
-
encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
- } else {
- //Use SKI
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
encrKey.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+ encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+
encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
encrKey.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
}
+
try {
RampartUtil.setEncryptionUser(rmd, encrKey);
encrKey.setKeySize(rpd.getAlgorithmSuite().getMaximumSymmetricKeyLength());
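Review bot: Under `INCLUDE_NEVER` the new chain can finish without calling `encrKey.setKeyIdentifierType(...)` at all, whereas the removed code always chose either thumbprint or SKI. When the Wss assertion sets none of the three MustSupportRef flags, the key is built with whatever default `WSSecEncryptedKey` carries; that default is not visible in this hunk and may not suit a token that is never included in the message. Add a final `else` that either applies a documented default or fails with a clear policy error, and once the precedence among SKI, issuer serial and thumbprint is settled, state it in a comment above the chain. The signature hunk `@@ -207` and the trunk copies have the same gap.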
@@ -207,14 +214,17 @@
sig.setWsConfig(rmd.getConfig());
log.debug("Token inclusion: " + token.getInclusion());
- if(token.getInclusion().equals(Constants.INCLUDE_NEVER) ||
- (!rmd.isInitiator() &&
token.getInclusion().equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT))) {
- if(rpd.getWss11() != null) {
- //Use thumbprint
- sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
- } else {
- //Use SKI
+ if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
sig.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+ sig.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+ sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
sig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
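Review bot: The new condition drops the `!rmd.isInitiator() && token.getInclusion().equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT)` case without explanation, so a non-initiator signing under an AlwaysToRecipient token now takes the `else` branch and uses `BST_DIRECT_REFERENCE`. If that is intended, say so in a comment at the `if` and in the commit log; if it is not, keep the second operand alongside the new chain. The 12.xml policy changed in this commit switches the initiator token from AlwaysToRecipient to Never, so this path is not exercised by the new test. The trunk copy of this hunk makes the same change.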
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
(original)
+++
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
Wed Aug 8 01:30:15 2007
@@ -76,7 +76,7 @@
"Unlimited Strength Jurisdiction Policy !!!");
}
- for (int i = 1; i <= 11; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 12; i++) { //<-The number of tests we have
if(!basic256Supported && (i == 3 || i == 4 || i ==5)) {
//Skip the Basic256 tests
continue;
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/policy/12.xml?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
(original)
+++
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
Wed Aug 8 01:30:15 2007
@@ -16,16 +16,16 @@
! limitations under the License.
!-->
-<wsp:Policy wsu:Id="SigEncrUT"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:Policy wsu:Id="policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -34,7 +34,7 @@
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -44,32 +44,21 @@
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
<sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
/>
- </wsp:Policy>
- </sp:SignedSupportingTokens>
- <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
+ </sp:Wss11>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:EncryptedParts>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>alice</ramp:user>
<ramp:encryptionUser>bob</ramp:encryptionUser>
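Review bot: The rewritten `<sp:Wss11>` block asserts only `<sp:MustSupportRefKeyIdentifier/>`, so this test reaches just the SKI branch of the new key-identifier selection in the builders. The issuer-serial and thumbprint branches, a Wss10-only policy, and a policy with more than one MustSupportRef assertion are not covered here, and those are the cases where the precedence of the chain matters. Consider adding companion policies for them. services-12.xml and the trunk copies carry the same policy.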
@@ -90,7 +79,6 @@
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
-
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Modified:
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/services-12.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/services-12.xml?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/services-12.xml
(original)
+++
webservices/rampart/branches/java/1_3/modules/rampart-integration/src/test/resources/rampart/services-12.xml
Wed Aug 8 01:30:15 2007
@@ -27,16 +27,16 @@
<actionMapping>urn:echo</actionMapping>
</operation>
-<wsp:Policy wsu:Id="SigEncrUT"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:Policy wsu:Id="policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -45,7 +45,7 @@
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -55,32 +55,21 @@
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
<sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
/>
- </wsp:Policy>
- </sp:SignedSupportingTokens>
- <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
+ </sp:Wss11>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:EncryptedParts>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>bob</ramp:user>
<ramp:encryptionUser>alice</ramp:encryptionUser>
@@ -101,9 +90,7 @@
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
-
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
-
</service>
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
Wed Aug 8 01:30:15 2007
@@ -29,6 +29,8 @@
import org.apache.ws.secpolicy.Constants;
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.Token;
+import org.apache.ws.secpolicy.model.Wss10;
+import org.apache.ws.secpolicy.model.Wss11;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
@@ -156,6 +158,21 @@
encr.setDocument(doc);
RampartUtil.setEncryptionUser(rmd, encr);
encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
+
if(encryptionToken.getInclusion().equals(Constants.INCLUDE_NEVER)) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
+
encr.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+
encr.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+
encr.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
+ }
+ } else {
+
encr.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+ }
encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
encr.prepare(doc, RampartUtil.getEncryptionCrypto(config,
rmd.getCustomClassLoader()));
@@ -427,9 +444,15 @@
if(encrToken.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- if(rpd.getWss10() != null &&
rpd.getWss10().isMustSupportRefKeyIdentifier()) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
encr.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
- } else if(rpd.getWss11() != null &&
rpd.getWss11().isMustSupportRefThumbprint()) {
+ } if(wss.isMustSupportRefIssuerSerial()) {
+
encr.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
encr.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
Wed Aug 8 01:30:15 2007
@@ -42,6 +42,8 @@
import org.apache.ws.secpolicy.model.SupportingToken;
import org.apache.ws.secpolicy.model.Token;
import org.apache.ws.secpolicy.model.UsernameToken;
+import org.apache.ws.secpolicy.model.Wss10;
+import org.apache.ws.secpolicy.model.Wss11;
import org.apache.ws.secpolicy.model.X509Token;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
@@ -175,16 +177,21 @@
WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
- if(rpd.getWss11() != null) {
- //Use thumbprint
-
encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
- } else {
- //Use SKI
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
encrKey.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+ encrKey.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+
encrKey.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
encrKey.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
}
+
try {
RampartUtil.setEncryptionUser(rmd, encrKey);
encrKey.setKeySize(rpd.getAlgorithmSuite().getMaximumSymmetricKeyLength());
@@ -207,14 +214,17 @@
sig.setWsConfig(rmd.getConfig());
log.debug("Token inclusion: " + token.getInclusion());
- if(token.getInclusion().equals(Constants.INCLUDE_NEVER) ||
- (!rmd.isInitiator() &&
token.getInclusion().equals(Constants.INCLUDE_ALWAYS_TO_RECIPIENT))) {
- if(rpd.getWss11() != null) {
- //Use thumbprint
- sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
- } else {
- //Use SKI
+ if(token.getInclusion().equals(Constants.INCLUDE_NEVER)) {
+ Wss10 wss = rpd.getWss11();
+ if(wss == null) {
+ wss = rpd.getWss10();
+ }
+ if(wss.isMustSupportRefKeyIdentifier()) {
sig.setKeyIdentifierType(WSConstants.SKI_KEY_IDENTIFIER);
+ } if(wss.isMustSupportRefIssuerSerial()) {
+ sig.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+ } else if(wss instanceof Wss11 &&
((Wss11)wss).isMustSupportRefThumbprint()) {
+ sig.setKeyIdentifierType(WSConstants.THUMBPRINT_IDENTIFIER);
}
} else {
sig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
Modified:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rampart/RampartTest.java
Wed Aug 8 01:30:15 2007
@@ -76,7 +76,7 @@
"Unlimited Strength Jurisdiction Policy !!!");
}
- for (int i = 1; i <= 11; i++) { //<-The number of tests we have
+ for (int i = 1; i <= 12; i++) { //<-The number of tests we have
if(!basic256Supported && (i == 3 || i == 4 || i ==5)) {
//Skip the Basic256 tests
continue;
Modified:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
(original)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/policy/12.xml
Wed Aug 8 01:30:15 2007
@@ -16,16 +16,16 @@
! limitations under the License.
!-->
-<wsp:Policy wsu:Id="SigEncrUT"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:Policy wsu:Id="policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -34,7 +34,7 @@
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -44,32 +44,21 @@
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
<sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
/>
- </wsp:Policy>
- </sp:SignedSupportingTokens>
- <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
+ </sp:Wss11>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:EncryptedParts>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>alice</ramp:user>
<ramp:encryptionUser>bob</ramp:encryptionUser>
@@ -90,7 +79,6 @@
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
-
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Modified:
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml?view=diff&rev=563788&r1=563787&r2=563788
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
(original)
+++
webservices/rampart/trunk/java/modules/rampart-integration/src/test/resources/rampart/services-12.xml
Wed Aug 8 01:30:15 2007
@@ -27,16 +27,16 @@
<actionMapping>urn:echo</actionMapping>
</operation>
-<wsp:Policy wsu:Id="SigEncrUT"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+<wsp:Policy wsu:Id="policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
- <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
+ <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -45,7 +45,7 @@
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
-
<sp:WssX509V3Token10/>
+
<sp:RequireKeyIdentifierReference/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
@@ -55,32 +55,21 @@
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
- <sp:Layout>
- <wsp:Policy>
- <sp:Strict/>
- </wsp:Policy>
- </sp:Layout>
<sp:IncludeTimestamp/>
- <sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
- <sp:SignedSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <wsp:Policy>
- <sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"
/>
- </wsp:Policy>
- </sp:SignedSupportingTokens>
- <sp:Wss10
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Wss11
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
- <sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
- </sp:Wss10>
- <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
- <sp:Body/>
- </sp:SignedParts>
+ </sp:Wss11>
<sp:EncryptedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:EncryptedParts>
+ <sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
+ <sp:Body/>
+ </sp:SignedParts>
+
<ramp:RampartConfig
xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>bob</ramp:user>
<ramp:encryptionUser>alice</ramp:encryptionUser>
@@ -101,9 +90,7 @@
</ramp:crypto>
</ramp:encryptionCypto>
</ramp:RampartConfig>
-
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
-
</service>