Author: ruchithf
Date: Fri Nov  9 00:51:07 2007
New Revision: 593457

URL: http://svn.apache.org/viewvc?rev=593457&view=rev
Log:
A SecurityContextToken can be used without derived keys in 
WS-SecureConversation... This is when the policy doesn't specify 
requireDerivedKeys in the SecureConversation assertion.
Updated Rampart to support this; the change depends on the latest WSS4J


Modified:
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
    
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java?rev=593457&r1=593456&r2=593457&view=diff
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
 Fri Nov  9 00:51:07 2007
@@ -29,6 +29,7 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.rahas.RahasConstants;
+import org.apache.rahas.TokenStorage;
 import org.apache.rahas.TrustUtil;
 import org.apache.rampart.builder.AsymmetricBindingBuilder;
 import org.apache.rampart.builder.SymmetricBindingBuilder;
@@ -41,6 +42,7 @@
 import org.apache.ws.secpolicy.WSSPolicyException;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.handler.WSHandlerConstants;
+import org.apache.ws.security.message.token.SecurityContextToken;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
@@ -104,7 +106,11 @@
                 if(tokenId != null && RampartUtil.isTokenValid(rmd, tokenId)) {
                     OMElement bodyElem = msgCtx.getEnvelope().getBody();
                     OMElement child = bodyElem.getFirstElement();
-                    OMElement newChild = 
TrustUtil.createCancelRequest(tokenId, rmd.getWstVersion());
+                    SecurityContextToken sct = new SecurityContextToken(
+                            (Element) rmd.getTokenStorage().getToken(tokenId)
+                                    .getToken());
+                    OMElement newChild = TrustUtil.createCancelRequest(sct
+                            .getIdentifier(), rmd.getWstVersion());
                     Element newDomChild = XMLUtils.toDOM(newChild);
                     Node importedNode = rmd.getDocument().importNode((Element) 
newDomChild, true);
                     ((Element) bodyElem).replaceChild(importedNode, (Element) 
child);
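Review bot: The new lookup `rmd.getTokenStorage().getToken(tokenId).getToken()` is dereferenced and cast to `Element` without any check. A token that is missing from the store, is not DOM-backed, or is not a SecurityContextToken would surface here as a NullPointerException, a ClassCastException or a WSSecurityException, with no Rampart-level error naming the token. `RampartUtil.isTokenValid(rmd, tokenId)` on the first line of the hunk presumably covers the missing case, but its body is not shown. I would fetch the token into a local, check it for null before the cast, and add a comment such as `// The cancel request must carry the SCT identifier, not the local token id`. The enclosing method starts and ends outside this hunk.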

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?rev=593457&r1=593456&r2=593457&view=diff
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
 Fri Nov  9 00:51:07 2007
@@ -468,7 +468,7 @@
         
         RampartPolicyData rpd = rmd.getPolicyData();
         
-        if(policyToken.isDerivedKeys() || policyToken instanceof 
SecureConversationToken) {
+        if(policyToken.isDerivedKeys()) {
             try {
                 WSSecDKSign dkSign = new WSSecDKSign();
 
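Review bot: This condition now selects derived keys only when `policyToken.isDerivedKeys()` is true, so a SecureConversationToken whose policy omits the derived-keys requirement signs through the else branch, which is outside this hunk. The matching change in SymmetricBindingBuilder.java carries `//The sec conv token can be used without derived keys`, and the same comment belongs above this condition. It should ideally also note that the context secret is then used directly rather than a per-message derived key. If `SecureConversationToken` is no longer referenced elsewhere in this file, its import can be dropped; that is not visible from here.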

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java?rev=593457&r1=593456&r2=593457&view=diff
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/builder/SymmetricBindingBuilder.java
 Fri Nov  9 00:51:07 2007
@@ -520,7 +520,8 @@
         
         Element refList = null;
         if(encrParts.size() > 0) {
-            if(encrToken.isDerivedKeys() || encrToken instanceof 
SecureConversationToken) {
+            //The sec conv token can be used without derived keys
+            if(encrToken.isDerivedKeys()) {
                 
                 try {
                     WSSecDKEncrypt dkEncr = new WSSecDKEncrypt();
@@ -575,7 +576,7 @@
                     throw new RampartException("errorInDKEncr");
                 } catch (ConversationException e) {
                     throw new RampartException("errorInDKEncr");
-                }
+                }                
             } else {
                 try {
                     
@@ -596,8 +597,13 @@
                     
encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
                     // Use key identifier in the KeyInfo in server side
                     if (!rmd.isInitiator()) {
-                       encr.setUseKeyIdentifier(true);
-                       
encr.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
+                        if(encrTok instanceof EncryptedKeyToken) {
+                            encr.setUseKeyIdentifier(true);
+                            
encr.setCustomReferenceValue(((EncryptedKeyToken)encrTok).getSHA1());
+                            
encr.setKeyIdentifierType(WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER);
+                        } else {
+                            encr.setEphemeralKey(encrTok.getSecret());
+                        }
                     }
                     encr.prepare(doc, RampartUtil.getEncryptionCrypto(rpd
                             .getRampartConfig(), rmd.getCustomClassLoader()));
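Review bot: The new else branch passes `encrTok.getSecret()` straight to `encr.setEphemeralKey(...)` without checking it. Unlike the EncryptedKeyToken branch it also sets no key identifier or reference, so how the receiver locates the key depends on code outside this hunk. I would fail closed when the secret is absent, for example `if (encrTok.getSecret() == null) { throw new RampartException("<error-key>"); }`, where the message key is a placeholder. The comment above still reads `Use key identifier in the KeyInfo in server side` and should be updated to describe the non-EncryptedKey case. The enclosing method starts and ends outside the hunk.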

Modified: 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: 
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=593457&r1=593456&r2=593457&view=diff
==============================================================================
--- 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
 (original)
+++ 
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
 Fri Nov  9 00:51:07 2007
@@ -497,6 +497,9 @@
                     client.setAddressingNs((String)addrVersionNs);
                 }
                 
+                //Set soap version
+                
client.setSoapVersion(msgContext.getOptions().getSoapVersionURI());
+                
                 //Make the request
                 org.apache.rahas.Token rst = 
                     client.requestSecurityToken(servicePolicy, 
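Review bot: The added comment `//Set soap version` only restates the call and should say why the STS client needs it, for example `// Send the RST with the same SOAP version as the application message`, if that is the intent. The value is read from `msgContext.getOptions()`, so it presumably reflects the configured version rather than the envelope actually in flight. It is worth confirming that the two cannot differ. The statement at the end of the hunk continues outside it.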

