cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 36eff36d4 -> 622442a78 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/622442a7 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/622442a7 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/622442a7 Branch: refs/heads/3.0.x-fixes Commit: 622442a78f41b41bf52a85c6a620262b8436f43b Parents: 36eff36 Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:36:01 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:36:01 2017 +0100 -- .gitmergeinfo | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/622442a7/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index ba25a06..5531a9c 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -533,6 +533,7 @@ B 4f70bdf4199a666829cf9c6c62c508d12afbe251 B 4fbb05ce31ccfee730d144f328b90f300a64693b B 4fe7844935f9b4ad797760613d143949f9448905 B 4ff4cf5f28b22bc85cc107a9d31545c53c04845a +B 50100ff72df3a29f21c09405a4262974165fa6d5 B 5015c0c1ccb3bda0d83570c8b0e9889900d68221 B 503567af618e7b7a402df5455be7ef7ea0c0a9b6 B 504b427081cfc2213ce0a5c050b16af67ca7ff46 @@ -732,6 +733,7 @@ B 6f7bfef950da7c4e629c4b3d4fecbdecdc03bbd9 B 6fb43da4f6c1578aeffe0a8a24dc27b597aec2c6 B 6fb880420de545f7ed09199674b7fec3d0ba4d7c B 6fe5b5a80d477ba460c223e62f4b73b825cd3771 +B 6ffbba84101f30b7ea481fb9f508e5ae418df853 B 702f27bc4a334b2d117262252632bf580f20f711 B 70837021f60524b60e4328c5f47c6170ff30 B 708f53f7af5a53003f642a4422d8c11de18f8889 @@ -1071,6 +1073,7 @@ B a67a0a69214717c7c92baa27f74000d5af895c83 B a69839b8b7a776b9deb80bdf14942b231761ad53 B a6af7bddf7c00e0d8d6db4f84ac87dd93bd2a9e8 B a7287694f81d87e299b331d6594740614331bfe1 +B a754efaefd486e23587fe671dfbcd5955312bf92 B a75df553a2bb0cee94b96fababa723d7d0f45d90 B a77c05fcbef3f8a0d963dd196fa1f142a975f6cd B a78e2e4d67628577ee9418412e8f89fe0c3c243b
[3/3] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a754efae Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a754efae Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a754efae Branch: refs/heads/3.1.x-fixes Commit: a754efaefd486e23587fe671dfbcd5955312bf92 Parents: 6ffbba8 Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:33:05 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:33:05 2017 +0100 -- .../apache/cxf/rs/security/xml/EncryptionProperties.java | 8 .../apache/cxf/rs/security/xml/SignatureProperties.java | 8 .../apache/cxf/rs/security/xml/XmlSecOutInterceptor.java | 10 -- 3 files changed, 26 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java index 4a5ab1d..4de9e8e 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java @@ -25,12 +25,8 @@ public class EncryptionProperties { private String encryptionSymmetricKeyAlgo; private String encryptionDigestAlgo; private String encryptionKeyIdType; -<<< HEAD - -=== private String encryptionKeyName; ->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario public void setEncryptionKeyTransportAlgo(String encryptionKeyTransportAlgo) { this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo; } @@ -55,9 +51,6 @@ public class EncryptionProperties { public String getEncryptionKeyIdType() { return encryptionKeyIdType; } -<<< HEAD - -=== public String getEncryptionKeyName() { return encryptionKeyName; } @@ -65,5 +58,4 @@ public class EncryptionProperties { this.encryptionKeyName = encryptionKeyName; } ->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario } http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java index 16aff78..8c861ab 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java @@ -24,12 +24,8 @@ public class SignatureProperties { private String signatureC14nMethod; private String signatureC14nTransform; private String signatureKeyIdType; -<<< HEAD - -=== private String signatureKeyName; ->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario public void setSignatureAlgo(String signatureAlgo) { this.signatureAlgo = signatureAlgo; } @@ -76,9 +72,6 @@ public class SignatureProperties { public void setSignatureKeyIdType(String signatureKeyIdType) { this.signatureKeyIdType = signatureKeyIdType; } -<<< HEAD - -=== public String getSignatureKeyName() { return signatureKeyName; } @@ -86,5 +79,4 @@ public class SignatureProperties { this.signatureKeyName = signatureKeyName; } ->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario } http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java index b821eca..9018772 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java @@ -160,14 +160,8 @@ public class XmlSecOutInterceptor extends AbstractPhaseInterceptor {
[1/3] cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 27ae9979b -> a754efaef Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6ffbba84 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6ffbba84 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6ffbba84 Branch: refs/heads/3.1.x-fixes Commit: 6ffbba84101f30b7ea481fb9f508e5ae418df853 Parents: 50100ff Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:32:05 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:32:05 2017 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6ffbba84/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index e21ad4a..4b17633 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -464,6 +464,7 @@ M b0a79aa7b48da6acdc6da1169abd690ecf914ca8 M b1c6125f50b294b0e2ebc927671e2ff53b5001bf M b2b6f0137cd9f1bafff5d487e8383453692a2ff0 M b2e5fb6583d64deeb8a42d2eeb6935c5f33dc0c6 +M b30d620d90593f52b79ae578373597defc89e80d M b418fd7952dc36f1a3e577e457833588a2056104 M b433c753d44350daff5a40ff8eb5a149cf557a68 M b49075882641fcebbbdf1ed8d84247fcf80aa558
[2/3] cxf git commit: CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outline
CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outlined in the JIRA. This closes #176 # Conflicts: # rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java # rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java # rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/50100ff7 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/50100ff7 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/50100ff7 Branch: refs/heads/3.1.x-fixes Commit: 50100ff72df3a29f21c09405a4262974165fa6d5 Parents: 27ae997 Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:29:22 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:32:05 2017 +0100 -- .../rs/security/xml/EncryptionProperties.java | 15 +++ .../rs/security/xml/SignatureProperties.java| 15 +++ .../rs/security/xml/XmlSecOutInterceptor.java | 13 ++ .../jaxrs/security/xml/JAXRSXmlSecTest.java | 45 .../systest/jaxrs/security/xml/stax-server.xml | 16 +++ 5 files changed, 104 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/50100ff7/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java index 06d3e11..4a5ab1d 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java @@ -25,7 +25,12 @@ public class EncryptionProperties { private String encryptionSymmetricKeyAlgo; private String encryptionDigestAlgo; private String encryptionKeyIdType; +<<< HEAD +=== +private String encryptionKeyName; + +>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario public void setEncryptionKeyTransportAlgo(String encryptionKeyTransportAlgo) { this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo; } @@ -50,5 +55,15 @@ public class EncryptionProperties { public String getEncryptionKeyIdType() { return encryptionKeyIdType; } +<<< HEAD +=== +public String getEncryptionKeyName() { +return encryptionKeyName; +} +public void setEncryptionKeyName(String encryptionKeyName) { +this.encryptionKeyName = encryptionKeyName; +} + +>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario } http://git-wip-us.apache.org/repos/asf/cxf/blob/50100ff7/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java index f8a7980..16aff78 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java @@ -24,7 +24,12 @@ public class SignatureProperties { private String signatureC14nMethod; private String signatureC14nTransform; private String signatureKeyIdType; +<<< HEAD +=== +private String signatureKeyName; + +>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario public void setSignatureAlgo(String signatureAlgo) { this.signatureAlgo = signatureAlgo; } @@ -71,5 +76,15 @@ public class SignatureProperties { public void setSignatureKeyIdType(String signatureKeyIdType) { this.signatureKeyIdType = signatureKeyIdType; } +<<< HEAD +=== +public String getSignatureKeyName() { +return signatureKeyName; +} +public void setSignatureKeyName(String signatureKeyName) { +this.signatureKeyName = signatureKeyName; +} + +>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario }
cxf git commit: This closes #249
Repository: cxf Updated Branches: refs/heads/master b30d620d9 -> 16672c10c This closes #249 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/16672c10 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/16672c10 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/16672c10 Branch: refs/heads/master Commit: 16672c10cf0a7bcfeeb946fd352e50fb72bda991 Parents: b30d620 Author: Sergey BeryozkinAuthored: Tue Mar 28 17:35:12 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 17:35:12 2017 +0100 -- --
cxf git commit: CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outlined in t
Repository: cxf Updated Branches: refs/heads/master 9df8cbc09 -> b30d620d9 CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outlined in the JIRA. This closes #176 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b30d620d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b30d620d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b30d620d Branch: refs/heads/master Commit: b30d620d90593f52b79ae578373597defc89e80d Parents: 9df8cbc Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:29:22 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:31:37 2017 +0100 -- .../rs/security/xml/EncryptionProperties.java | 7 +++ .../rs/security/xml/SignatureProperties.java| 7 +++ .../rs/security/xml/XmlSecOutInterceptor.java | 7 ++- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 45 .../systest/jaxrs/security/xml/stax-server.xml | 16 +++ 5 files changed, 80 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java index e7c0fdf..4de9e8e 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java @@ -25,6 +25,7 @@ public class EncryptionProperties { private String encryptionSymmetricKeyAlgo; private String encryptionDigestAlgo; private String encryptionKeyIdType; +private String encryptionKeyName; public void setEncryptionKeyTransportAlgo(String encryptionKeyTransportAlgo) { this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo; @@ -50,5 +51,11 @@ public class EncryptionProperties { public String getEncryptionKeyIdType() { return encryptionKeyIdType; } +public String getEncryptionKeyName() { +return encryptionKeyName; +} +public void setEncryptionKeyName(String encryptionKeyName) { +this.encryptionKeyName = encryptionKeyName; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java index dc81c8a..8c861ab 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java @@ -24,6 +24,7 @@ public class SignatureProperties { private String signatureC14nMethod; private String signatureC14nTransform; private String signatureKeyIdType; +private String signatureKeyName; public void setSignatureAlgo(String signatureAlgo) { this.signatureAlgo = signatureAlgo; @@ -71,5 +72,11 @@ public class SignatureProperties { public void setSignatureKeyIdType(String signatureKeyIdType) { this.signatureKeyIdType = signatureKeyIdType; } +public String getSignatureKeyName() { +return signatureKeyName; +} +public void setSignatureKeyName(String signatureKeyName) { +this.signatureKeyName = signatureKeyName; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java index 4688537..904a92b 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java @@ -48,6 +48,7 @@ import org.apache.cxf.phase.Phase; import org.apache.cxf.rs.security.common.CryptoLoader; import org.apache.cxf.rs.security.common.RSSecurityUtils; import org.apache.cxf.rt.security.SecurityConstants; +import org.apache.cxf.rt.security.utils.SecurityUtils; import
cxf git commit: [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 794243e6c -> 27ae9979b [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/27ae9979 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/27ae9979 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/27ae9979 Branch: refs/heads/3.1.x-fixes Commit: 27ae9979b88540574ee59c487f43c20c877c8be3 Parents: 794243e Author: Sergey BeryozkinAuthored: Tue Mar 28 17:17:17 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 17:18:58 2017 +0100 -- .../spring/AbstractSpringComponentScanServer.java | 18 ++ 1 file changed, 18 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/27ae9979/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java index 4afe05e..9099519 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java @@ -19,6 +19,7 @@ package org.apache.cxf.jaxrs.spring; import java.lang.annotation.Annotation; +import java.lang.reflect.Proxy; import java.util.Collection; import java.util.HashSet; import java.util.LinkedList; @@ -32,6 +33,7 @@ import javax.ws.rs.ext.Provider; import org.apache.cxf.annotations.Provider.Scope; import org.apache.cxf.common.logging.LogUtils; +import org.apache.cxf.common.util.ClassHelper; import org.apache.cxf.common.util.ClasspathScanner; import org.apache.cxf.common.util.PackageUtils; import org.apache.cxf.common.util.StringUtils; @@ -135,10 +137,26 @@ public abstract class AbstractSpringComponentScanServer extends AbstractSpringCo Set componentScanPackagesSet, Set componentScanBeansSet) { return isAnnotationAvailable(beanName, ann) +&& nonProxyClass(beanName) && matchesServiceAnnotation(beanName) && matchesComponentPackage(beanName, componentScanPackagesSet) && matchesComponentName(beanName, componentScanBeansSet); } +protected boolean nonProxyClass(String beanName) { +// JAX-RS runtime needs to be able to access the real component class to introspect it for +// JAX-RS annotations; the following check ensures that the valid proxified components +// are accepted while the client proxies are ignored. +Class type = ClassHelper.getRealClassFromClass(applicationContext.getType(beanName)); +if (Proxy.isProxyClass(type) && applicationContext.isSingleton(beanName)) { +type = ClassHelper.getRealClass(applicationContext.getBean(beanName)); +} +if (Proxy.isProxyClass(type)) { +LOG.fine("Can not determine the real class of the component '" + beanName + "'"); +return false; +} else { +return true; +} +} protected boolean matchesComponentName(String beanName, Set componentScanBeansSet) { return componentScanBeansSet == null || componentScanBeansSet.contains(beanName); }
cxf git commit: [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst
Repository: cxf Updated Branches: refs/heads/master 428f7700d -> 9df8cbc09 [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9df8cbc0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9df8cbc0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9df8cbc0 Branch: refs/heads/master Commit: 9df8cbc0942a52dee2f94d9aea08be46b501bb78 Parents: 428f770 Author: Sergey BeryozkinAuthored: Tue Mar 28 17:17:17 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 17:17:17 2017 +0100 -- .../spring/AbstractSpringComponentScanServer.java | 18 ++ 1 file changed, 18 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/9df8cbc0/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java index 9225ad9..d5a11dc 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java @@ -19,6 +19,7 @@ package org.apache.cxf.jaxrs.spring; import java.lang.annotation.Annotation; +import java.lang.reflect.Proxy; import java.util.Collection; import java.util.HashSet; import java.util.LinkedList; @@ -32,6 +33,7 @@ import javax.ws.rs.ext.Provider; import org.apache.cxf.annotations.Provider.Scope; import org.apache.cxf.common.logging.LogUtils; +import org.apache.cxf.common.util.ClassHelper; import org.apache.cxf.common.util.ClasspathScanner; import org.apache.cxf.common.util.PackageUtils; import org.apache.cxf.common.util.StringUtils; @@ -135,10 +137,26 @@ public abstract class AbstractSpringComponentScanServer extends AbstractSpringCo Set componentScanPackagesSet, Set componentScanBeansSet) { return isAnnotationAvailable(beanName, ann) +&& nonProxyClass(beanName) && matchesServiceAnnotation(beanName) && matchesComponentPackage(beanName, componentScanPackagesSet) && matchesComponentName(beanName, componentScanBeansSet); } +protected boolean nonProxyClass(String beanName) { +// JAX-RS runtime needs to be able to access the real component class to introspect it for +// JAX-RS annotations; the following check ensures that the valid proxified components +// are accepted while the client proxies are ignored. +Class type = ClassHelper.getRealClassFromClass(applicationContext.getType(beanName)); +if (Proxy.isProxyClass(type) && applicationContext.isSingleton(beanName)) { +type = ClassHelper.getRealClass(applicationContext.getBean(beanName)); +} +if (Proxy.isProxyClass(type)) { +LOG.fine("Can not determine the real class of the component '" + beanName + "'"); +return false; +} else { +return true; +} +} protected boolean matchesComponentName(String beanName, Set componentScanBeansSet) { return componentScanBeansSet == null || componentScanBeansSet.contains(beanName); }
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 381c4b6b4 -> 36eff36d4 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/36eff36d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/36eff36d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/36eff36d Branch: refs/heads/3.0.x-fixes Commit: 36eff36d4fec58ee0601365b120964f281affa34 Parents: 381c4b6 Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:10:32 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:10:32 2017 +0100 -- .gitmergeinfo | 4 1 file changed, 4 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/36eff36d/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 7d99e41..ba25a06 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -315,6 +315,7 @@ B 2fc4aea17c98120c3715ef9babb19f58c0a79cad B 2fccfdcdbcd3a8bb8ea740eda499b48b74dbaf65 B 2fd8103535c1246a3a243e0fd7bcea86947e6b14 B 2fe88ec153b6193a8c80f7c1226db19600e0839a +B 30119990866f5da50d5261653a1843c618cd6459 B 3019c331c0f069ed63611b5263df3ee4d427e4a7 B 304ee04631e07040519f32ece1e44a79e784dff8 B 3051c2a54adc909be8d63c690b1444eb2f9e5e35 @@ -366,6 +367,7 @@ B 36d2bf61511d1921a38d065eb474be802f2f949e B 36dc41e1b2bddd02def5dafbafd4a86443ab5e30 B 36ebac7b230f8b48d098c580b6774a91f1844854 B 36fcf426a4946f57b051ce7a388c7190fc97aebd +B 375c356a6cda9fed795173155eebc5d1c5b523f1 B 37610a53863464b3bab9eecf8db4f94497504163 B 37defa84d8002e1c0ec582f5c1c68643bc3b66d6 B 3832cdfc47a3580da5125bae0b590d9250d4abed @@ -454,6 +456,7 @@ B 4534b29556a1da628c920c36e4245d0d35ca6905 B 4559444c83d4aa4745674a402c0461d170df6d84 B 456bd834ca5a7a6b9bff3a546b445960012b88e2 B 456eff5885d85e2cfe30b639bd5a442929a3f9de +B 4586fe5b01c92a5353ff73bd0966d2a54329bb8b B 45a04b3ec3281ea04a06e0dfc88502d2f182f4b6 B 45bdda8482aa38509cf62283c159bce347894e24 B 45f6dac04dc543371c9de1ac3fbd4260f7805dd6 @@ -777,6 +780,7 @@ B 78a8593698fe382d72e3e2101e017dc1835c384b B 78fbd425ba4b49908e2b377a979a80ccf9cb29c5 B 7923a6209a05d71cfeb752ed2d45c9e6e7116942 B 793f0a7d2a8eade3238deef212dff5f29e0c5b4d +B 794243e6c9ed943a78cde259f40d984514c03559 B 799c5389f754eb588f023b646b8983b50dde00be B 7a0736b8f1adb1a1b64ca15d1b03bedb175a41de B 7a365ca6064803abfff7782a0f972dc8b4e29687
[3/5] cxf git commit: Switching to use security constants in the tests instead of strings
Switching to use security constants in the tests instead of strings # Conflicts: # rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java # services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom_onbehalfof/CustomOnBehalfOfTest.java # services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenCancelTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsCachingTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlAuthorizationTest.java # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java # systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java # systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/FaultTest.java # systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java # systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java # systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/30119990 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/30119990 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/30119990 Branch: refs/heads/3.1.x-fixes Commit: 30119990866f5da50d5261653a1843c618cd6459 Parents: 0b094e8 Author: Colm O hEigeartaighAuthored: Tue Mar 28 16:27:09 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 16:30:35 2017 +0100 -- .../java/org/apache/cxf/ws/rm/RMManager.java| 4 +- .../systest/sts/custom/CustomParameterTest.java | 16 +-- .../custom_onbehalfof/CustomOnBehalfOfTest.java | 5 +- .../cxf/systest/sts/renew/SAMLRenewTest.java| 2 +- .../SecurityContextTokenCancelTest.java | 2 +- .../sts/sendervouches/DoubleItPortTypeImpl.java | 3 +- .../sts/symmetric/SymmetricBindingTest.java | 10 +- .../cxf/systest/sts/template/TemplateTest.java | 8 +- .../sts/transport/TransportBindingTest.java | 8 +- .../UsernameActAsCachingTest.java | 34 ++--- .../sts/username_actas/UsernameActAsTest.java | 7 +- .../UsernameOnBehalfOfCachingTest.java | 36 ++--- .../UsernameOnBehalfOfTest.java | 9 +- .../security/oauth2/grants/JAXRSOAuth2Test.java | 13 +- .../saml/JAXRSSamlAuthorizationTest.java| 5 +- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 140 +-- .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java | 39 +- .../apache/cxf/systest/ws/fault/FaultTest.java | 31 ++-- .../ws/policy/handler/HelloServiceImpl.java | 49 +++ .../cxf/systest/ws/saml/SamlTokenTest.java | 62 .../saml/subjectconf/SamlSubjectConfTest.java | 19 +-- .../cxf/systest/ws/wssc/WSSCUnitTest.java | 25 +++- .../systest/ws/x509/DoubleItPropertiesImpl.java | 8 ++ 23 files changed, 381 insertions(+), 154 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/30119990/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java -- diff --git a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java index 6a0839e..a29a6a7 100644 --- a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java +++ b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java @@ -475,8 +475,8 @@ public class RMManager { Map context = new HashMap (16); for (String key : message.getContextualPropertyKeys()) { //copy other properties? -if (key.startsWith("ws-security")) { -context.put(key,
[4/5] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4586fe5b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4586fe5b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4586fe5b Branch: refs/heads/3.1.x-fixes Commit: 4586fe5b01c92a5353ff73bd0966d2a54329bb8b Parents: 375c356 Author: Colm O hEigeartaighAuthored: Tue Mar 28 16:31:44 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 16:31:44 2017 +0100 -- .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java | 34 -- .../ws/policy/handler/HelloServiceImpl.java | 48 .../cxf/systest/ws/wssc/WSSCUnitTest.java | 12 - .../systest/ws/x509/DoubleItPropertiesImpl.java | 7 --- 4 files changed, 101 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4586fe5b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java -- diff --git a/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java index c70f57d..c944a4f 100644 --- a/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java +++ b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java @@ -96,39 +96,6 @@ public class WSRMWithWSSecurityPolicyTest extends AbstractBusClientServerTestBas @Test public void testContextProperty() throws Exception { -<<< HEAD -ClassPathXmlApplicationContext context = -new ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml"); -Bus bus = (Bus)context.getBean("bus"); -BusFactory.setDefaultBus(bus); -BusFactory.setThreadDefaultBus(bus); -Greeter greeter = (Greeter)context.getBean("GreeterCombinedClientNoProperty"); -Client client = ClientProxy.getClient(greeter); -QName operationQName = new QName("http://cxf.apache.org/greeter_control;, "greetMe"); -BindingOperationInfo boi = client.getEndpoint().getBinding().getBindingInfo().getOperation(operationQName); -Map invocationContext = new HashMap (); -Map requestContext = new HashMap (); -Map responseContext = new HashMap (); -invocationContext.put(Client.REQUEST_CONTEXT, requestContext); -invocationContext.put(Client.RESPONSE_CONTEXT, responseContext); - -requestContext.put("ws-security.username", "Alice"); -requestContext.put("ws-security.callback-handler", "org.apache.cxf.systest.ws.rm.sec.UTPasswordCallback"); -requestContext.put("ws-security.encryption.properties", "bob.properties"); -requestContext.put("ws-security.encryption.username", "bob"); -requestContext.put("ws-security.signature.properties", "alice.properties"); -requestContext.put("ws-security.signature.username", "alice"); -RMManager manager = bus.getExtension(RMManager.class); -boolean empty = manager.getRetransmissionQueue().isEmpty(); -assertTrue("RetransmissionQueue is not empty", empty); -GreetMe param = new GreetMe(); -param.setRequestType("testContextProperty"); -Object[] answer = client.invoke(boi, new Object[]{param}, invocationContext); -Assert.assertEquals("TESTCONTEXTPROPERTY", answer[0].toString()); -Thread.sleep(5000); -empty = manager.getRetransmissionQueue().isEmpty(); -assertTrue("RetransmissionQueue not empty", empty); -=== try (ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml")) { Bus bus = (Bus)context.getBean("bus"); @@ -162,7 +129,6 @@ public class WSRMWithWSSecurityPolicyTest extends AbstractBusClientServerTestBas empty = manager.getRetransmissionQueue().isEmpty(); assertTrue("RetransmissionQueue not empty", empty); } ->>> 428f770... Switching to use security constants in the tests instead of strings } } http://git-wip-us.apache.org/repos/asf/cxf/blob/4586fe5b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java index
[2/5] cxf git commit: Switching to use security constants in the tests instead of strings
http://git-wip-us.apache.org/repos/asf/cxf/blob/30119990/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java index 188d05c..64219eb 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java @@ -138,7 +138,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler() +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler() ); try { saml1Port.doubleIt(25); @@ -149,7 +149,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler(false) +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler(false) ); int result = saml1Port.doubleIt(25); assertTrue(result == 50); @@ -160,7 +160,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { updateAddressPort(saml1Port, PORT2); ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler(false) +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler(false) ); try { @@ -203,7 +203,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(false, true); samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER); ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", samlCallbackHandler +SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler ); int result = saml1Port.doubleIt(25); @@ -242,7 +242,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { SamlCallbackHandler callbackHandler = new SamlCallbackHandler(false, true); callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER); ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", callbackHandler +SecurityConstants.SAML_CALLBACK_HANDLER, callbackHandler ); ((BindingProvider)saml1Port).getRequestContext().put( @@ -296,7 +296,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml1Port).getRequestContext().put( -"security.saml-callback-handler", new SamlElementCallbackHandler(false) +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlElementCallbackHandler(false) ); int result = saml1Port.doubleIt(25); assertTrue(result == 50); @@ -334,7 +334,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml2Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler(false) +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler(false) ); try { saml2Port.doubleIt(25); @@ -347,7 +347,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(); samlCallbackHandler.setSignAssertion(true); ((BindingProvider)saml2Port).getRequestContext().put( -"security.saml-callback-handler", samlCallbackHandler +SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler ); int result = saml2Port.doubleIt(25); assertTrue(result == 50); @@ -381,7 +381,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml2Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler() +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler() ); try { @@ -425,7 +425,7 @@ public class SamlTokenTest extends AbstractBusClientServerTestBase { } ((BindingProvider)saml2Port).getRequestContext().put( -"security.saml-callback-handler", new SamlCallbackHandler(false) +SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler(false) ); try {
[5/5] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/794243e6 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/794243e6 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/794243e6 Branch: refs/heads/3.1.x-fixes Commit: 794243e6c9ed943a78cde259f40d984514c03559 Parents: 4586fe5 Author: Colm O hEigeartaighAuthored: Tue Mar 28 17:10:04 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 17:10:04 2017 +0100 -- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 113 +-- 1 file changed, 1 insertion(+), 112 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/794243e6/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index 83584e5..7eff132 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -98,7 +98,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { Bus springBus = bf.createBus(busFile.toString()); bean.setBus(springBus); -Map newProperties = new HashMap<>(); +Map newProperties = new HashMap (); newProperties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice"); @@ -143,13 +143,8 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { String address = "https://localhost:; + test.port + "/xmlsigconstraints"; // Successful test with "bob" -<<< HEAD -Map newProperties = new HashMap (); -newProperties.put("security.callback-handler", -=== Map newProperties = new HashMap<>(); newProperties.put(SecurityConstants.CALLBACK_HANDLER, ->>> 428f770... Switching to use security constants in the tests instead of strings "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "bob"); @@ -159,11 +154,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { // Constraint validation fails with "alice" newProperties.clear(); -<<< HEAD -newProperties.put("security.callback-handler", -=== newProperties.put(SecurityConstants.CALLBACK_HANDLER, ->>> 428f770... Switching to use security constants in the tests instead of strings "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice"); @@ -196,17 +187,10 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { Map newProperties = new HashMap (properties); if (newProperties.isEmpty()) { -<<< HEAD -newProperties.put("security.callback-handler", - "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); -newProperties.put("security.signature.username", "alice"); - -=== newProperties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice"); ->>> 428f770... Switching to use security constants in the tests instead of strings String cryptoUrl = "org/apache/cxf/systest/jaxrs/security/alice.properties"; if (cryptoUrlPrefix != null) { cryptoUrl = cryptoUrlPrefix + this.getClass().getResource("/" + cryptoUrl).toURI().getPath(); @@ -278,19 +262,11 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { Bus springBus = bf.createBus(busFile.toString()); bean.setBus(springBus); -<<< HEAD -Map properties = new HashMap (); -properties.put("security.callback-handler", - "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); -properties.put("security.signature.username", "alice"); -
[1/5] cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 0b094e88f -> 794243e6c Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/375c356a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/375c356a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/375c356a Branch: refs/heads/3.1.x-fixes Commit: 375c356a6cda9fed795173155eebc5d1c5b523f1 Parents: 3011999 Author: Colm O hEigeartaighAuthored: Tue Mar 28 16:30:35 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 16:30:35 2017 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/375c356a/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index d09c806..e21ad4a 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -376,6 +376,7 @@ M 3bbfc22e182ffea8c98ba8f84b4f55abfce353e7 M 3be9aac26a003ef43995054da875ffd5fa5a2eb4 M 3e30d8892a723adcf04268efd7d407e164607065 M 417fb946eec38f403d915e90f405594675a7f7e0 +M 428f7700de80d4d6ea09158f42d057e9f24abe48 M 437c7daa3345c8482deab4a4da9b164e68fd417a M 45d54d558625236b84752b0d7976f0cf85518c16 M 4719a033d54fd9fcd173be273e6c320d8353b631
[1/2] cxf git commit: Switching to use security constants in the tests instead of strings
Repository: cxf Updated Branches: refs/heads/master 0ffcd507e -> 428f7700d http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java index 0ee3226..fe6afde 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java @@ -36,6 +36,7 @@ import javax.xml.ws.Service; import org.apache.cxf.Bus; import org.apache.cxf.bus.spring.SpringBusFactory; +import org.apache.cxf.rt.security.SecurityConstants; import org.apache.cxf.systest.ws.common.SecurityTestUtil; import org.apache.cxf.systest.ws.common.TestParam; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; @@ -206,11 +207,11 @@ public class WSSCUnitTest extends AbstractBusClientServerTestBase { stsClient.setPolicy(createSymmetricBindingPolicy()); Mapproperties = new HashMap<>(); -properties.put("security.encryption.username", "bob"); +properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob"); TokenCallbackHandler callbackHandler = new TokenCallbackHandler(); -properties.put("security.callback-handler", callbackHandler); -properties.put("security.signature.properties", "alice.properties"); -properties.put("security.encryption.properties", "bob.properties"); +properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler); +properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties"); +properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties"); stsClient.setProperties(properties); SecurityToken securityToken = @@ -241,11 +242,11 @@ public class WSSCUnitTest extends AbstractBusClientServerTestBase { stsClient.setPolicy(createSymmetricBindingPolicy()); Map properties = new HashMap<>(); -properties.put("security.encryption.username", "bob"); +properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob"); TokenCallbackHandler callbackHandler = new TokenCallbackHandler(); -properties.put("security.callback-handler", callbackHandler); -properties.put("security.signature.properties", "alice.properties"); -properties.put("security.encryption.properties", "bob.properties"); +properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler); +properties.put(SecurityConstants.SIGNATURE_PROPERTIES, "alice.properties"); +properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties"); stsClient.setProperties(properties); SecurityToken securityToken = http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java index a729832..23ae971 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java @@ -23,6 +23,7 @@ import javax.jws.WebService; import org.apache.cxf.annotations.EndpointProperties; import org.apache.cxf.annotations.EndpointProperty; import org.apache.cxf.feature.Features; +import org.apache.cxf.rt.security.SecurityConstants; import org.example.contract.doubleit.DoubleItFault; import org.example.contract.doubleit.DoubleItPortType; @@ -33,10 +34,10 @@ import org.example.contract.doubleit.DoubleItPortType; @Features(features = "org.apache.cxf.feature.LoggingFeature") @EndpointProperties({ -@EndpointProperty(key = "security.encryption.username", value = "alice"), -@EndpointProperty(key = "security.encryption.properties", value = "alice.properties"), -@EndpointProperty(key = "security.signature.properties", value = "bob.properties"), -@EndpointProperty(key = "security.callback-handler", +@EndpointProperty(key = SecurityConstants.ENCRYPT_USERNAME, value = "alice"), +@EndpointProperty(key = SecurityConstants.ENCRYPT_PROPERTIES, value = "alice.properties"), +@EndpointProperty(key = SecurityConstants.SIGNATURE_PROPERTIES, value = "bob.properties"), +@EndpointProperty(key = SecurityConstants.CALLBACK_HANDLER, value = "org.apache.cxf.systest.ws.common.KeystorePasswordCallback") }) public class DoubleItPropertiesImpl
[2/2] cxf git commit: Switching to use security constants in the tests instead of strings
Switching to use security constants in the tests instead of strings Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/428f7700 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/428f7700 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/428f7700 Branch: refs/heads/master Commit: 428f7700de80d4d6ea09158f42d057e9f24abe48 Parents: 0ffcd50 Author: Colm O hEigeartaighAuthored: Tue Mar 28 16:27:09 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 16:27:09 2017 +0100 -- .../java/org/apache/cxf/ws/rm/RMManager.java| 2 +- .../systest/sts/custom/CustomParameterTest.java | 16 +-- .../custom_onbehalfof/CustomOnBehalfOfTest.java | 5 +- .../cxf/systest/sts/renew/SAMLRenewTest.java| 2 +- .../SecurityContextTokenCancelTest.java | 2 +- .../sts/sendervouches/DoubleItPortTypeImpl.java | 3 +- .../sts/symmetric/SymmetricBindingTest.java | 8 +- .../cxf/systest/sts/template/TemplateTest.java | 4 +- .../sts/transport/TransportBindingTest.java | 4 +- .../UsernameActAsCachingTest.java | 34 +++--- .../sts/username_actas/UsernameActAsTest.java | 7 +- .../UsernameOnBehalfOfCachingTest.java | 34 +++--- .../UsernameOnBehalfOfTest.java | 7 +- .../security/oauth2/grants/JAXRSOAuth2Test.java | 9 +- .../saml/JAXRSSamlAuthorizationTest.java| 3 +- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 113 ++- .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java | 16 +-- .../apache/cxf/systest/ws/fault/FaultTest.java | 31 ++--- .../ws/policy/handler/HelloServiceImpl.java | 7 +- .../cxf/systest/ws/saml/SamlTokenTest.java | 62 +- .../saml/subjectconf/SamlSubjectConfTest.java | 19 ++-- .../cxf/systest/ws/wssc/WSSCUnitTest.java | 17 +-- .../systest/ws/x509/DoubleItPropertiesImpl.java | 9 +- 23 files changed, 214 insertions(+), 200 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java -- diff --git a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java index ecf41f9..0f1ac27 100644 --- a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java +++ b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java @@ -475,7 +475,7 @@ public class RMManager { Map context = new HashMap<>(16); for (String key : message.getContextualPropertyKeys()) { //copy other properties? -if (key.startsWith("ws-security")) { +if (key.startsWith("ws-security") || key.startsWith("security.")) { context.put(key, message.getContextualProperty(key)); } } http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java -- diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java index f59f1e3..f6ff291 100644 --- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java +++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java @@ -98,8 +98,8 @@ public class CustomParameterTest extends AbstractBusClientServerTestBase { stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port;); Map properties = new HashMap<>(); -properties.put("security.username", "alice"); -properties.put("security.callback-handler", "org.apache.cxf.systest.sts.common.CommonCallbackHandler"); +properties.put(SecurityConstants.USERNAME, "alice"); +properties.put(SecurityConstants.CALLBACK_HANDLER, "org.apache.cxf.systest.sts.common.CommonCallbackHandler"); properties.put("security.sts.token.username", "myclientkey"); properties.put("security.sts.token.properties", "clientKeystore.properties"); properties.put("security.sts.token.usecert", "true"); @@ -143,8 +143,8 @@ public class CustomParameterTest extends AbstractBusClientServerTestBase { stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port;); Map properties = new HashMap<>(); -properties.put("security.username", "alice"); -
[2/6] cxf git commit: Adding signature negative tests for WS-Security, client + server side
Adding signature negative tests for WS-Security, client + server side Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8b13c36c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8b13c36c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8b13c36c Branch: refs/heads/3.0.x-fixes Commit: 8b13c36c0978164dc24c80cd7c2f046cba2ea4a2 Parents: 657541e Author: Colm O hEigeartaighAuthored: Tue Mar 28 12:18:54 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 14:35:05 2017 +0100 -- .../cxf/systest/ws/action/ActionTest.java | 112 +++ .../ws/common/KeystorePasswordCallback.java | 2 + .../src/test/resources/bethal.properties| 24 .../cxf/systest/ws/action/DoubleItAction.wsdl | 12 ++ .../org/apache/cxf/systest/ws/action/client.xml | 104 + .../org/apache/cxf/systest/ws/action/server.xml | 104 + .../src/test/resources/truststore.properties| 23 7 files changed, 381 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java index 2a67c22..9d86f62 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java @@ -291,4 +291,116 @@ public class ActionTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)port).close(); bus.shutdown(true); } + +@org.junit.Test +public void testSignatureNegativeClient() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeClientStreaming() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort2"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeServer() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeServerPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the service doesn't trust the
[5/6] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53416a58 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53416a58 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53416a58 Branch: refs/heads/3.0.x-fixes Commit: 53416a586f1aff111dbdfc361e858b1ec1c28b6b Parents: 6386e37 Author: Colm O hEigeartaighAuthored: Tue Mar 28 14:35:32 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 14:35:32 2017 +0100 -- .gitmergeinfo | 2 ++ 1 file changed, 2 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/53416a58/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 6580322..7d99e41 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -59,6 +59,7 @@ B 0aaa2b5742a53bf31704939e4bc21906100bbc54 B 0ab9416fda31298e485f2a6864c263447e4b32de B 0ac5dde071c9c2731fca757a2108f5dd698f8af5 B 0afa064ee3b92a6b3e5fd8c5205a287d7884353b +B 0b094e88f775dc10caea0b85a52dcc21ef45300c B 0b40c84e1440601a9b8779b93812b1c41cddd138 B 0b7e0e914328aa7a78a2eab00bb1040c703e9b63 B 0b9097fbd1cddbb4a183e9448576bde2a6eb2589 @@ -1899,6 +1900,7 @@ M aca58c80bbe184c1730d21e9752ef7825a006bc0 M ad75192db72294e6d117e020aea890a50c166f79 M aeff8782d28ec57e5aaab9c7b709d89e1d2a7c15 M af2f7d3a52076f60d0f98a2635e2adef256a9efe +M af69b53d8460c7c80546afb8ae56dd086a807a6f M af7de1d82d77e3653b72ee83b4aa3f91e1a1d039 M afaf1debd104b7d9850713b866b9f4d58e8dd8d5 M b0035ade0042160b77b4848939f58efe9a77d6c7
[3/6] cxf git commit: Adding some negative tests for trust verification for rs-security
Adding some negative tests for trust verification for rs-security # Conflicts: # rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7cee545a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7cee545a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7cee545a Branch: refs/heads/3.0.x-fixes Commit: 7cee545a760b2f0468a791db2c8c07ae9e75b86d Parents: 8b13c36 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:04:16 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 14:35:26 2017 +0100 -- .../security/xml/AbstractXmlSecInHandler.java | 6 +- .../rs/security/xml/XmlSecInInterceptor.java| 6 +- .../security/saml/KeystorePasswordCallback.java | 4 + .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 .../systest/jaxrs/security/bethal.properties| 24 ++ .../systest/jaxrs/security/morpit.properties| 21 + .../jaxrs/security/morpittrust.properties | 23 + .../cxf/systest/jaxrs/security/xml/server.xml | 32 +++ .../systest/jaxrs/security/xml/stax-server.xml | 34 +++- 9 files changed, 235 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java index 035e54b..84c8150 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java @@ -80,7 +80,11 @@ public abstract class AbstractXmlSecInHandler { } protected void throwFault(String error, Exception ex) { -LOG.warning(error); +StringBuilder log = new StringBuilder(error); +if (ex != null) { +log = log.append(" - ").append(ex.getMessage()); +} +LOG.warning(log.toString()); Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build(); throw ExceptionUtils.toBadRequestException(null, response); } http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 07bc910..44da705 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -308,8 +308,8 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple try { new TrustValidator().validateTrust(sigCrypto, cert, publicKey, subjectDNPatterns); } catch (WSSecurityException e) { -throw new XMLSecurityException("empty", new Object[] {"Error during Signature Trust " - + "validation: " + e.getMessage()}); +String error = "Signature validation failed"; +throw new XMLSecurityException("empty", new Object[] {error}); } if (persistSignature) { @@ -400,7 +400,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple } } - + /** * This interceptor handles parsing the StaX results (events) + checks to see whether the * required (if any) Actions (signature or encryption) were fulfilled. http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java index 3103aad..099bc4e 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java @@ -46,6 +46,10 @@ public
[4/6] cxf git commit: Fixing tests
Fixing tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6386e377 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6386e377 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6386e377 Branch: refs/heads/3.0.x-fixes Commit: 6386e3772dffdf08d72d0eab204ca38001c72387 Parents: 7cee545 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:10:51 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 14:35:32 2017 +0100 -- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 1 file changed, 10 insertions(+), 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6386e377/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index f4218ec..1cc5ad2 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -244,7 +244,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { if (!useKeyInfo) { sigInInterceptor.setSignatureVerificationAlias("alice"); } -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); if (enveloping) { @@ -260,19 +260,13 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { WebClient wc = bean.createWebClient(); WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L); -try { -Book book; -if (!fromResponse) { -book = wc.post(new Book("CXF", 126L), Book.class); -} else { -book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); -} -assertEquals(126L, book.getId()); -} catch (WebApplicationException ex) { -fail(ex.getMessage()); -} catch (ProcessingException ex) { -assertTrue(ex.getCause() instanceof BadRequestException); +Book book; +if (!fromResponse) { +book = wc.post(new Book("CXF", 126L), Book.class); +} else { +book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); } +assertEquals(126L, book.getId()); } @Test @@ -301,7 +295,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -346,7 +340,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -542,7 +536,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor(); encInInterceptor.setRequireEncryption(true); -bean.getInInterceptors().add(encInInterceptor); +bean.setProvider(encInInterceptor); } else { if (sign) { bean.getOutInterceptors().add(new XmlSigOutInterceptor());
[1/6] cxf git commit: Removing unused file
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 3d4462f94 -> 381c4b6b4 Removing unused file Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/657541ea Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/657541ea Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/657541ea Branch: refs/heads/3.0.x-fixes Commit: 657541eaed35b7e5ebf69354cc1463eaf4440b5f Parents: 3d4462f Author: Colm O hEigeartaighAuthored: Tue Mar 28 11:55:24 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 14:35:03 2017 +0100 -- systests/ws-security/src/test/resources/kerberos.jaas | 8 1 file changed, 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/657541ea/systests/ws-security/src/test/resources/kerberos.jaas -- diff --git a/systests/ws-security/src/test/resources/kerberos.jaas b/systests/ws-security/src/test/resources/kerberos.jaas deleted file mode 100644 index b773cf6..000 --- a/systests/ws-security/src/test/resources/kerberos.jaas +++ /dev/null @@ -1,8 +0,0 @@ - -alice { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" principal="alice"; -}; - -bob { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" principal="bob/service.ws.apache.org"; -};
[6/6] cxf git commit: Fixing tests
Fixing tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/381c4b6b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/381c4b6b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/381c4b6b Branch: refs/heads/3.0.x-fixes Commit: 381c4b6b4d26048d0ff0fa3deed7d7f29c965cfc Parents: 53416a5 Author: Colm O hEigeartaighAuthored: Tue Mar 28 15:38:06 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 15:38:06 2017 +0100 -- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 230 +-- .../src/test/resources/keys/Bethal.jks | Bin 0 -> 2202 bytes .../src/test/resources/keys/Morpit.jks | Bin 0 -> 2221 bytes .../src/test/resources/keys/Truststore.jks | Bin 0 -> 4447 bytes .../cxf/systest/jaxrs/security/xml/server.xml | 8 +- .../systest/jaxrs/security/xml/stax-server.xml | 8 +- 6 files changed, 123 insertions(+), 123 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/381c4b6b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index 1cc5ad2..747d12f 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -55,43 +55,43 @@ import org.junit.runners.Parameterized.Parameters; public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { public static final String PORT = BookServerXmlSec.PORT; public static final String STAX_PORT = StaxBookServerXmlSec.PORT; - + final TestParam test; - + public JAXRSXmlSecTest(TestParam type) { this.test = type; } @BeforeClass public static void startServers() throws Exception { -assertTrue("server did not launch correctly", +assertTrue("server did not launch correctly", launchServer(BookServerXmlSec.class, true)); -assertTrue("server did not launch correctly", +assertTrue("server did not launch correctly", launchServer(StaxBookServerXmlSec.class, true)); } - + @Parameters(name = "{0}") public static Collection data() { - + return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)}, {new TestParam(STAX_PORT, false)}, {new TestParam(PORT, true)}, {new TestParam(STAX_PORT, true)}, }); } - + @Test public void testPostBookWithEnvelopedSigAndProxy() throws Exception { String address = "https://localhost:; + test.port + "/xmlsig"; doTestSignatureProxy(address, false, null, test.streaming); } - + @Test public void testPostBookWithEnvelopedSigAndProxy2() throws Exception { String address = "https://localhost:; + test.port + "/xmlsig"; doTestSignatureProxy(address, false, "", test.streaming); } - + @Test public void testPostBookEnvelopingSigAndProxy() throws Exception { if (test.streaming || STAX_PORT.equals(test.port)) { @@ -101,24 +101,24 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { String address = "https://localhost:; + test.port + "/xmlsig"; doTestSignatureProxy(address, true, "file:", test.streaming); } - + @Test public void testCertConstraints() throws Exception { String address = "https://localhost:; + test.port + "/xmlsigconstraints"; - + // Successful test with "bob" Map newProperties = new HashMap (); -newProperties.put("ws-security.callback-handler", +newProperties.put("ws-security.callback-handler", "org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback"); newProperties.put("ws-security.signature.username", "bob"); String cryptoUrl = "org/apache/cxf/systest/jaxrs/security/bob.properties"; newProperties.put("ws-security.signature.properties", cryptoUrl); doTestSignatureProxy(address, false, null, test.streaming, newProperties); - + // Constraint validation fails with "alice" newProperties.clear(); -newProperties.put("ws-security.callback-handler", +
cxf git commit: Updating XmlSecInInterceptor on 3.0.x
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 491a6e81e -> 3d4462f94 Updating XmlSecInInterceptor on 3.0.x Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3d4462f9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3d4462f9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3d4462f9 Branch: refs/heads/3.0.x-fixes Commit: 3d4462f94085dc4f6f459befc6e397568fa9aec3 Parents: 491a6e8 Author: Sergey BeryozkinAuthored: Tue Mar 28 13:50:30 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 13:50:30 2017 +0100 -- .../cxf/jaxrs/impl/AbstractPropertiesImpl.java | 4 ++ .../rs/security/xml/XmlSecInInterceptor.java| 47 +++- 2 files changed, 40 insertions(+), 11 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java index caf8139..2b69400 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java @@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl { public Collection getPropertyNames() { return holder.getPropertyNames(); } + +public Message getMessage() { +return m; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 21b431b..07bc910 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -34,16 +34,21 @@ import java.util.regex.PatternSyntaxException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; +import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; +import javax.ws.rs.ext.ReaderInterceptor; +import javax.ws.rs.ext.ReaderInterceptorContext; import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamReader; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.interceptor.StaxInInterceptor; +import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl; import org.apache.cxf.jaxrs.utils.ExceptionUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.message.Message; +import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import org.apache.cxf.rs.security.common.CryptoLoader; @@ -71,7 +76,7 @@ import org.apache.xml.security.stax.securityToken.SecurityToken; /** * A new StAX-based interceptor for processing messages with XML Signature + Encryption content. */ -public class XmlSecInInterceptor extends AbstractPhaseInterceptor { +public class XmlSecInInterceptor extends AbstractPhaseInterceptor implements ReaderInterceptor { private static final Logger LOG = LogUtils.getL7dLogger(XmlSecInInterceptor.class); @@ -93,14 +98,16 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor { } public void handleMessage(Message message) throws Fault { -String method = (String)message.get(Message.HTTP_REQUEST_METHOD); -if ("GET".equals(method)) { +if (isServerGet(message)) { return; } - -Message outMs = message.getExchange().getOutMessage(); -Message inMsg = outMs == null ? message : outMs.getExchange().getInMessage(); - +prepareMessage(message); +message.getInterceptorChain().add( + new StaxActionInInterceptor(requireSignature, requireEncryption)); +} + +private void prepareMessage(Message inMsg) throws Fault { + XMLStreamReader originalXmlStreamReader = inMsg.getContent(XMLStreamReader.class); if (originalXmlStreamReader == null) { InputStream is = inMsg.getContent(InputStream.class); @@ -108,10 +115,7 @@ public class XmlSecInInterceptor extends
[5/5] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0b094e88 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0b094e88 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0b094e88 Branch: refs/heads/3.1.x-fixes Commit: 0b094e88f775dc10caea0b85a52dcc21ef45300c Parents: e632d68 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:13:42 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:13:42 2017 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/0b094e88/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index a184639..d09c806 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -439,6 +439,7 @@ M 955fd4b7fee79642934a828b7758ce14f783364a M 9a9e0a8a37608195c4ef6fbf386728d13d025d2d M 9b2bda583c09861c693122ab631c4bffa2187ddd M 9b816a21d8b85cc051be59a8ab6e968c5d0d +M 9c6f0b8ef0a00887d11706771c88b0a28c818b9a M 9cd3116cbdbbfb139f40ad2d9e49cec1adf08a08 M 9d3c46e0cfe87700d7105ee131c3e3e33f228e06 M 9d64bcedb508732cdc377312f0fb433ee1dc630e
[1/5] cxf git commit: Removing unused file
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 3fd465a1b -> 0b094e88f Removing unused file Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d32aab3c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d32aab3c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d32aab3c Branch: refs/heads/3.1.x-fixes Commit: d32aab3cb2d834b61e95f32c586218056a5a4014 Parents: 3fd465a Author: Colm O hEigeartaighAuthored: Tue Mar 28 11:55:24 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:13:39 2017 +0100 -- systests/ws-security/src/test/resources/kerberos.jaas | 8 1 file changed, 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d32aab3c/systests/ws-security/src/test/resources/kerberos.jaas -- diff --git a/systests/ws-security/src/test/resources/kerberos.jaas b/systests/ws-security/src/test/resources/kerberos.jaas deleted file mode 100644 index b773cf6..000 --- a/systests/ws-security/src/test/resources/kerberos.jaas +++ /dev/null @@ -1,8 +0,0 @@ - -alice { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" principal="alice"; -}; - -bob { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" principal="bob/service.ws.apache.org"; -};
[2/5] cxf git commit: Adding signature negative tests for WS-Security, client + server side
Adding signature negative tests for WS-Security, client + server side Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f05a4156 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f05a4156 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f05a4156 Branch: refs/heads/3.1.x-fixes Commit: f05a41565bb5e27b15a00e75c704b41e59789e39 Parents: d32aab3 Author: Colm O hEigeartaighAuthored: Tue Mar 28 12:18:54 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:13:40 2017 +0100 -- .../cxf/systest/ws/action/ActionTest.java | 112 +++ .../ws/common/KeystorePasswordCallback.java | 2 + .../src/test/resources/bethal.properties| 24 .../cxf/systest/ws/action/DoubleItAction.wsdl | 12 ++ .../org/apache/cxf/systest/ws/action/client.xml | 104 + .../org/apache/cxf/systest/ws/action/server.xml | 104 + .../src/test/resources/truststore.properties| 23 7 files changed, 381 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f05a4156/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java index 2a67c22..9d86f62 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java @@ -291,4 +291,116 @@ public class ActionTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)port).close(); bus.shutdown(true); } + +@org.junit.Test +public void testSignatureNegativeClient() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeClientStreaming() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort2"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeServer() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeServerPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the service doesn't trust the
[4/5] cxf git commit: Fixing tests
Fixing tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e632d680 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e632d680 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e632d680 Branch: refs/heads/3.1.x-fixes Commit: e632d68027186cecd1e45261bdb250f32019c013 Parents: af69b53 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:10:51 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:13:42 2017 +0100 -- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 1 file changed, 10 insertions(+), 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e632d680/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index 94084a6..3d55f31 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -279,7 +279,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { if (!useKeyInfo) { sigInInterceptor.setSignatureVerificationAlias("alice"); } -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); if (enveloping) { @@ -295,19 +295,13 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { WebClient wc = bean.createWebClient(); WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L); -try { -Book book; -if (!fromResponse) { -book = wc.post(new Book("CXF", 126L), Book.class); -} else { -book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); -} -assertEquals(126L, book.getId()); -} catch (WebApplicationException ex) { -fail(ex.getMessage()); -} catch (ProcessingException ex) { -assertTrue(ex.getCause() instanceof BadRequestException); +Book book; +if (!fromResponse) { +book = wc.post(new Book("CXF", 126L), Book.class); +} else { +book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); } +assertEquals(126L, book.getId()); } @Test @@ -336,7 +330,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -381,7 +375,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -577,7 +571,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor(); encInInterceptor.setRequireEncryption(true); -bean.getInInterceptors().add(encInInterceptor); +bean.setProvider(encInInterceptor); } else { if (sign) { bean.getOutInterceptors().add(new XmlSigOutInterceptor());
[3/5] cxf git commit: Adding some negative tests for trust verification for rs-security
Adding some negative tests for trust verification for rs-security Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/af69b53d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/af69b53d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/af69b53d Branch: refs/heads/3.1.x-fixes Commit: af69b53d8460c7c80546afb8ae56dd086a807a6f Parents: f05a415 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:04:16 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:13:41 2017 +0100 -- .../security/xml/AbstractXmlSecInHandler.java | 6 +- .../rs/security/xml/XmlSecInInterceptor.java| 20 ++--- .../security/saml/KeystorePasswordCallback.java | 4 + .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 .../systest/jaxrs/security/bethal.properties| 24 ++ .../systest/jaxrs/security/morpit.properties| 21 + .../jaxrs/security/morpittrust.properties | 23 + .../cxf/systest/jaxrs/security/xml/server.xml | 32 +++ .../systest/jaxrs/security/xml/stax-server.xml | 34 +++- 9 files changed, 242 insertions(+), 12 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/af69b53d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java index 8d79b1c..27bc803 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java @@ -96,7 +96,11 @@ public abstract class AbstractXmlSecInHandler { } protected void throwFault(String error, Exception ex) { -LOG.warning(error); +StringBuilder log = new StringBuilder(error); +if (ex != null) { +log = log.append(" - ").append(ex.getMessage()); +} +LOG.warning(log.toString()); Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build(); throw ExceptionUtils.toBadRequestException(null, response); } http://git-wip-us.apache.org/repos/asf/cxf/blob/af69b53d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 19a7457..3341793 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -106,9 +106,9 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple message.getInterceptorChain().add( new StaxActionInInterceptor(requireSignature, requireEncryption)); } - + private void prepareMessage(Message inMsg) throws Fault { - + XMLStreamReader originalXmlStreamReader = inMsg.getContent(XMLStreamReader.class); if (originalXmlStreamReader == null) { InputStream is = inMsg.getContent(InputStream.class); @@ -147,7 +147,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple return "GET".equals(method) && !MessageUtils.isRequestor(message); } - + private void configureDecryptionKeys(Message message, XMLSecurityProperties properties) throws IOException, UnsupportedCallbackException, WSSecurityException { @@ -311,8 +311,8 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple new TrustValidator().validateTrust(sigCrypto, cert, publicKey, getSubjectContraints(msg)); } catch (WSSecurityException e) { -throw new XMLSecurityException("empty", new Object[] {"Error during Signature Trust " - + "validation: " + e.getMessage()}); +String error = "Signature validation failed"; +throw new XMLSecurityException("empty", new Object[] {error}); } if (persistSignature) { @@ -408,19 +408,19 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple @Override public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException { Message
[3/4] cxf git commit: Adding some negative tests for trust verification for rs-security
Adding some negative tests for trust verification for rs-security Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9c6f0b8e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9c6f0b8e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9c6f0b8e Branch: refs/heads/master Commit: 9c6f0b8ef0a00887d11706771c88b0a28c818b9a Parents: 2a72afa Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:04:16 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:04:16 2017 +0100 -- .../security/xml/AbstractXmlSecInHandler.java | 6 +- .../rs/security/xml/XmlSecInInterceptor.java| 20 ++--- .../security/saml/KeystorePasswordCallback.java | 4 + .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 .../systest/jaxrs/security/bethal.properties| 24 ++ .../systest/jaxrs/security/morpit.properties| 21 + .../jaxrs/security/morpittrust.properties | 23 + .../cxf/systest/jaxrs/security/xml/server.xml | 32 +++ .../systest/jaxrs/security/xml/stax-server.xml | 34 +++- 9 files changed, 242 insertions(+), 12 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/9c6f0b8e/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java index caa898b..24bac79 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java @@ -96,7 +96,11 @@ public abstract class AbstractXmlSecInHandler { } protected void throwFault(String error, Exception ex) { -LOG.warning(error); +StringBuilder log = new StringBuilder(error); +if (ex != null) { +log = log.append(" - ").append(ex.getMessage()); +} +LOG.warning(log.toString()); Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build(); throw ExceptionUtils.toBadRequestException(null, response); } http://git-wip-us.apache.org/repos/asf/cxf/blob/9c6f0b8e/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 403a07e..4514051 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -106,9 +106,9 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple message.getInterceptorChain().add( new StaxActionInInterceptor(requireSignature, requireEncryption)); } - + private void prepareMessage(Message inMsg) throws Fault { - + XMLStreamReader originalXmlStreamReader = inMsg.getContent(XMLStreamReader.class); if (originalXmlStreamReader == null) { InputStream is = inMsg.getContent(InputStream.class); @@ -147,7 +147,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple return "GET".equals(method) && !MessageUtils.isRequestor(message); } - + private void configureDecryptionKeys(Message message, XMLSecurityProperties properties) throws IOException, UnsupportedCallbackException, WSSecurityException { @@ -311,8 +311,8 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple new TrustValidator().validateTrust(sigCrypto, cert, publicKey, getSubjectContraints(msg)); } catch (WSSecurityException e) { -throw new XMLSecurityException("empty", new Object[] {"Error during Signature Trust " - + "validation: " + e.getMessage()}); +String error = "Signature validation failed"; +throw new XMLSecurityException("empty", new Object[] {error}); } if (persistSignature) { @@ -408,19 +408,19 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple @Override public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException { Message message =
[1/4] cxf git commit: Removing unused file
Repository: cxf Updated Branches: refs/heads/master 08a1bd83c -> 0ffcd507e Removing unused file Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d3bf25c3 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d3bf25c3 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d3bf25c3 Branch: refs/heads/master Commit: d3bf25c3b1ab874fbc7609b98f2f88b545707ceb Parents: 08a1bd8 Author: Colm O hEigeartaighAuthored: Tue Mar 28 11:55:24 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 12:57:09 2017 +0100 -- systests/ws-security/src/test/resources/kerberos.jaas | 8 1 file changed, 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d3bf25c3/systests/ws-security/src/test/resources/kerberos.jaas -- diff --git a/systests/ws-security/src/test/resources/kerberos.jaas b/systests/ws-security/src/test/resources/kerberos.jaas deleted file mode 100644 index b773cf6..000 --- a/systests/ws-security/src/test/resources/kerberos.jaas +++ /dev/null @@ -1,8 +0,0 @@ - -alice { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" principal="alice"; -}; - -bob { -com.sun.security.auth.module.Krb5LoginModule required refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" principal="bob/service.ws.apache.org"; -};
[2/4] cxf git commit: Adding signature negative tests for WS-Security, client + server side
Adding signature negative tests for WS-Security, client + server side Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2a72afa8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2a72afa8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2a72afa8 Branch: refs/heads/master Commit: 2a72afa837e4ff0b58425cc5ca57b711fe5b711a Parents: d3bf25c Author: Colm O hEigeartaighAuthored: Tue Mar 28 12:18:54 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 12:57:10 2017 +0100 -- .../cxf/systest/ws/action/ActionTest.java | 112 +++ .../ws/common/KeystorePasswordCallback.java | 2 + .../src/test/resources/bethal.properties| 24 .../cxf/systest/ws/action/DoubleItAction.wsdl | 12 ++ .../org/apache/cxf/systest/ws/action/client.xml | 104 + .../org/apache/cxf/systest/ws/action/server.xml | 104 + .../src/test/resources/truststore.properties| 23 7 files changed, 381 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/2a72afa8/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java index 8cf0fc0..e577738 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java @@ -291,4 +291,116 @@ public class ActionTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)port).close(); bus.shutdown(true); } + +@org.junit.Test +public void testSignatureNegativeClient() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeClientStreaming() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeClientPort2"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the client doesn't trust the cert of the service"); +} catch (javax.xml.ws.soap.SOAPFaultException ex) { +// expected +} + +((java.io.Closeable)port).close(); +bus.shutdown(true); +} + +@org.junit.Test +public void testSignatureNegativeServer() throws Exception { + +SpringBusFactory bf = new SpringBusFactory(); +URL busFile = ActionTest.class.getResource("client.xml"); + +Bus bus = bf.createBus(busFile.toString()); +SpringBusFactory.setDefaultBus(bus); +SpringBusFactory.setThreadDefaultBus(bus); + +URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl"); +Service service = Service.create(wsdl, SERVICE_QNAME); +QName portQName = new QName(NAMESPACE, "DoubleItSignatureNegativeServerPort"); +DoubleItPortType port = +service.getPort(portQName, DoubleItPortType.class); +updateAddressPort(port, PORT); + +try { +port.doubleIt(25); +fail("Failure expected as the service doesn't trust the
[4/4] cxf git commit: Fixing tests
Fixing tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0ffcd507 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0ffcd507 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0ffcd507 Branch: refs/heads/master Commit: 0ffcd507e0f7bc5c33ddb819a474426035948c6d Parents: 9c6f0b8 Author: Colm O hEigeartaighAuthored: Tue Mar 28 13:10:51 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 13:10:51 2017 +0100 -- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 1 file changed, 10 insertions(+), 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/0ffcd507/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java index 6942508..67abc0c 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java @@ -279,7 +279,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { if (!useKeyInfo) { sigInInterceptor.setSignatureVerificationAlias("alice"); } -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); if (enveloping) { @@ -295,19 +295,13 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { WebClient wc = bean.createWebClient(); WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L); -try { -Book book; -if (!fromResponse) { -book = wc.post(new Book("CXF", 126L), Book.class); -} else { -book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); -} -assertEquals(126L, book.getId()); -} catch (WebApplicationException ex) { -fail(ex.getMessage()); -} catch (ProcessingException ex) { -assertTrue(ex.getCause() instanceof BadRequestException); +Book book; +if (!fromResponse) { +book = wc.post(new Book("CXF", 126L), Book.class); +} else { +book = wc.post(new Book("CXF", 126L)).readEntity(Book.class); } +assertEquals(126L, book.getId()); } @Test @@ -336,7 +330,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -381,7 +375,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor(); sigInInterceptor.setRequireSignature(true); -bean.getInInterceptors().add(sigInInterceptor); +bean.setProvider(sigInInterceptor); } else { XmlSigOutInterceptor sigOutInterceptor = new XmlSigOutInterceptor(); bean.getOutInterceptors().add(sigOutInterceptor); @@ -577,7 +571,7 @@ public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase { XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor(); encInInterceptor.setRequireEncryption(true); -bean.getInInterceptors().add(encInInterceptor); +bean.setProvider(encInInterceptor); } else { if (sign) { bean.getOutInterceptors().add(new XmlSigOutInterceptor());
cxf git commit: Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 1444d9873 -> 3fd465a1b Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3fd465a1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3fd465a1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3fd465a1 Branch: refs/heads/3.1.x-fixes Commit: 3fd465a1b74c19e819a794ff89227af2c0d268f5 Parents: 1444d98 Author: Sergey BeryozkinAuthored: Tue Mar 28 12:20:51 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 12:22:27 2017 +0100 -- .../java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java | 4 .../java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/3fd465a1/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java index caf8139..2b69400 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java @@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl { public Collection getPropertyNames() { return holder.getPropertyNames(); } + +public Message getMessage() { +return m; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/3fd465a1/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 3ce1047..19a7457 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -44,6 +44,7 @@ import javax.xml.stream.XMLStreamReader; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.interceptor.StaxInInterceptor; +import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl; import org.apache.cxf.jaxrs.utils.ExceptionUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.message.Message; @@ -406,7 +407,8 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple @Override public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException { -Message message = JAXRSUtils.getCurrentMessage(); +Message message = ((ReaderInterceptorContextImpl)ctx).getMessage(); + if (isServerGet(message)) { return ctx.proceed(); } else {
cxf git commit: Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side
Repository: cxf Updated Branches: refs/heads/master 48c6da4be -> 08a1bd83c Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/08a1bd83 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/08a1bd83 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/08a1bd83 Branch: refs/heads/master Commit: 08a1bd83c2a6a069a1a5c5fa45a4fe1236d4fb95 Parents: 48c6da4 Author: Sergey BeryozkinAuthored: Tue Mar 28 12:20:51 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Mar 28 12:20:51 2017 +0100 -- .../java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java | 4 .../java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/08a1bd83/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java index bf34a35..af45a2d 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java @@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl { public Collection getPropertyNames() { return holder.getPropertyNames(); } + +public Message getMessage() { +return m; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/08a1bd83/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java -- diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java index 2d4014e..403a07e 100644 --- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java +++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java @@ -44,6 +44,7 @@ import javax.xml.stream.XMLStreamReader; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.interceptor.StaxInInterceptor; +import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl; import org.apache.cxf.jaxrs.utils.ExceptionUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.message.Message; @@ -406,7 +407,8 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor imple @Override public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException { -Message message = JAXRSUtils.getCurrentMessage(); +Message message = ((ReaderInterceptorContextImpl)ctx).getMessage(); + if (isServerGet(message)) { return ctx.proceed(); } else {
cxf git commit: CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 42eca6f9c -> 1444d9873 CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1444d987 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1444d987 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1444d987 Branch: refs/heads/3.1.x-fixes Commit: 1444d98730b69b95b00067a33e6255d069e0bec1 Parents: 42eca6f Author: Colm O hEigeartaighAuthored: Tue Mar 28 08:07:11 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 08:09:00 2017 +0100 -- .../cxf/sts/token/validator/X509TokenValidator.java| 13 + 1 file changed, 9 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/1444d987/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java -- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java index 276d3fd..d32b510 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java @@ -113,11 +113,16 @@ public class X509TokenValidator implements TokenValidator { public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) { LOG.fine("Validating X.509 Token"); STSPropertiesMBean stsProperties = tokenParameters.getStsProperties(); -Crypto sigCrypto = stsProperties.getSignatureCrypto(); CallbackHandler callbackHandler = stsProperties.getCallbackHandler(); +// See CXF-4028 +Crypto crypto = stsProperties.getEncryptionCrypto(); +if (crypto == null) { +crypto = stsProperties.getSignatureCrypto(); +} + RequestData requestData = new RequestData(); -requestData.setSigVerCrypto(sigCrypto); +requestData.setSigVerCrypto(crypto); requestData.setWssConfig(WSSConfig.getNewInstance()); requestData.setCallbackHandler(callbackHandler); requestData.setMsgContext(tokenParameters.getMessageContext()); @@ -177,8 +182,8 @@ public class X509TokenValidator implements TokenValidator { try { Credential credential = new Credential(); credential.setBinarySecurityToken(binarySecurity); -if (sigCrypto != null) { -X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(sigCrypto); +if (crypto != null) { +X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(crypto); credential.setCertificates(new X509Certificate[]{cert}); }
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 9a12fe80b -> 491a6e81e Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/491a6e81 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/491a6e81 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/491a6e81 Branch: refs/heads/3.0.x-fixes Commit: 491a6e81e4300a1959d278ac00fd02028c7d3144 Parents: 9a12fe8 Author: Colm O hEigeartaighAuthored: Tue Mar 28 08:09:20 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 08:09:20 2017 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/491a6e81/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 90b8ebd..6580322 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -119,6 +119,7 @@ B 13dfe0f9fcaa0aee4c603072436d85861a0ab734 B 13e01e23ea87ea5b06953f18bef4b173fca55b4d B 13fa5dc1ffebe4e63a27f17528598925af04d570 B 105de684d0a266cbbfbb415e09121412d577 +B 1444d98730b69b95b00067a33e6255d069e0bec1 B 1487fccd43c3bcc463f12cdc1573cde68323f8b6 B 14ed2e2c44b6da7641c95fb57212f8b5a5e77f3d B 150213cac13dc342e9c0a6559f5856edf85e660d
cxf git commit: CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider
Repository: cxf Updated Branches: refs/heads/master f81032919 -> 48c6da4be CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/48c6da4b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/48c6da4b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/48c6da4b Branch: refs/heads/master Commit: 48c6da4bec8743d65740e7ab02ce4ca0f696c384 Parents: f810329 Author: Colm O hEigeartaighAuthored: Tue Mar 28 08:07:11 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Mar 28 08:07:11 2017 +0100 -- .../cxf/sts/token/validator/X509TokenValidator.java| 13 + 1 file changed, 9 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/48c6da4b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java -- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java index e604f7f..e89ac12 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java @@ -113,11 +113,16 @@ public class X509TokenValidator implements TokenValidator { public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters) { LOG.fine("Validating X.509 Token"); STSPropertiesMBean stsProperties = tokenParameters.getStsProperties(); -Crypto sigCrypto = stsProperties.getSignatureCrypto(); CallbackHandler callbackHandler = stsProperties.getCallbackHandler(); +// See CXF-4028 +Crypto crypto = stsProperties.getEncryptionCrypto(); +if (crypto == null) { +crypto = stsProperties.getSignatureCrypto(); +} + RequestData requestData = new RequestData(); -requestData.setSigVerCrypto(sigCrypto); +requestData.setSigVerCrypto(crypto); requestData.setWssConfig(WSSConfig.getNewInstance()); requestData.setCallbackHandler(callbackHandler); requestData.setMsgContext(tokenParameters.getMessageContext()); @@ -177,8 +182,8 @@ public class X509TokenValidator implements TokenValidator { try { Credential credential = new Credential(); credential.setBinarySecurityToken(binarySecurity); -if (sigCrypto != null) { -X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(sigCrypto); +if (crypto != null) { +X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(crypto); credential.setCertificates(new X509Certificate[]{cert}); }