cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 36eff36d4 -> 622442a78


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/622442a7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/622442a7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/622442a7

Branch: refs/heads/3.0.x-fixes
Commit: 622442a78f41b41bf52a85c6a620262b8436f43b
Parents: 36eff36
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:36:01 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:36:01 2017 +0100

--
 .gitmergeinfo | 3 +++
 1 file changed, 3 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/622442a7/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index ba25a06..5531a9c 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -533,6 +533,7 @@ B 4f70bdf4199a666829cf9c6c62c508d12afbe251
 B 4fbb05ce31ccfee730d144f328b90f300a64693b
 B 4fe7844935f9b4ad797760613d143949f9448905
 B 4ff4cf5f28b22bc85cc107a9d31545c53c04845a
+B 50100ff72df3a29f21c09405a4262974165fa6d5
 B 5015c0c1ccb3bda0d83570c8b0e9889900d68221
 B 503567af618e7b7a402df5455be7ef7ea0c0a9b6
 B 504b427081cfc2213ce0a5c050b16af67ca7ff46
@@ -732,6 +733,7 @@ B 6f7bfef950da7c4e629c4b3d4fecbdecdc03bbd9
 B 6fb43da4f6c1578aeffe0a8a24dc27b597aec2c6
 B 6fb880420de545f7ed09199674b7fec3d0ba4d7c
 B 6fe5b5a80d477ba460c223e62f4b73b825cd3771
+B 6ffbba84101f30b7ea481fb9f508e5ae418df853
 B 702f27bc4a334b2d117262252632bf580f20f711
 B 70837021f60524b60e4328c5f47c6170ff30
 B 708f53f7af5a53003f642a4422d8c11de18f8889
@@ -1071,6 +1073,7 @@ B a67a0a69214717c7c92baa27f74000d5af895c83
 B a69839b8b7a776b9deb80bdf14942b231761ad53
 B a6af7bddf7c00e0d8d6db4f84ac87dd93bd2a9e8
 B a7287694f81d87e299b331d6594740614331bfe1
+B a754efaefd486e23587fe671dfbcd5955312bf92
 B a75df553a2bb0cee94b96fababa723d7d0f45d90
 B a77c05fcbef3f8a0d963dd196fa1f142a975f6cd
 B a78e2e4d67628577ee9418412e8f89fe0c3c243b

[3/3] cxf git commit: Fixing merge

2017-03-28 Thread coheigea 
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a754efae
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a754efae
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a754efae

Branch: refs/heads/3.1.x-fixes
Commit: a754efaefd486e23587fe671dfbcd5955312bf92
Parents: 6ffbba8
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:33:05 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:33:05 2017 +0100

--
 .../apache/cxf/rs/security/xml/EncryptionProperties.java  |  8 
 .../apache/cxf/rs/security/xml/SignatureProperties.java   |  8 
 .../apache/cxf/rs/security/xml/XmlSecOutInterceptor.java  | 10 --
 3 files changed, 26 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
index 4a5ab1d..4de9e8e 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
@@ -25,12 +25,8 @@ public class EncryptionProperties {
 private String encryptionSymmetricKeyAlgo;
 private String encryptionDigestAlgo;
 private String encryptionKeyIdType;
-<<< HEAD
-
-===
 private String encryptionKeyName;
 
->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 public void setEncryptionKeyTransportAlgo(String 
encryptionKeyTransportAlgo) {
 this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo;
 }
@@ -55,9 +51,6 @@ public class EncryptionProperties {
 public String getEncryptionKeyIdType() {
 return encryptionKeyIdType;
 }
-<<< HEAD
-
-===
 public String getEncryptionKeyName() {
 return encryptionKeyName;
 }
@@ -65,5 +58,4 @@ public class EncryptionProperties {
 this.encryptionKeyName = encryptionKeyName;
 }
 
->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
index 16aff78..8c861ab 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
@@ -24,12 +24,8 @@ public class SignatureProperties {
 private String signatureC14nMethod;
 private String signatureC14nTransform;
 private String signatureKeyIdType;
-<<< HEAD
-
-===
 private String signatureKeyName;
 
->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 public void setSignatureAlgo(String signatureAlgo) {
 this.signatureAlgo = signatureAlgo;
 }
@@ -76,9 +72,6 @@ public class SignatureProperties {
 public void setSignatureKeyIdType(String signatureKeyIdType) {
 this.signatureKeyIdType = signatureKeyIdType;
 }
-<<< HEAD
-
-===
 public String getSignatureKeyName() {
 return signatureKeyName;
 }
@@ -86,5 +79,4 @@ public class SignatureProperties {
 this.signatureKeyName = signatureKeyName;
 }
 
->>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/a754efae/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
index b821eca..9018772 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
@@ -160,14 +160,8 @@ public class XmlSecOutInterceptor extends 
AbstractPhaseInterceptor {

[1/3] cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 27ae9979b -> a754efaef


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6ffbba84
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6ffbba84
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6ffbba84

Branch: refs/heads/3.1.x-fixes
Commit: 6ffbba84101f30b7ea481fb9f508e5ae418df853
Parents: 50100ff
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:32:05 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:32:05 2017 +0100

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/6ffbba84/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index e21ad4a..4b17633 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -464,6 +464,7 @@ M b0a79aa7b48da6acdc6da1169abd690ecf914ca8
 M b1c6125f50b294b0e2ebc927671e2ff53b5001bf
 M b2b6f0137cd9f1bafff5d487e8383453692a2ff0
 M b2e5fb6583d64deeb8a42d2eeb6935c5f33dc0c6
+M b30d620d90593f52b79ae578373597defc89e80d
 M b418fd7952dc36f1a3e577e457833588a2056104
 M b433c753d44350daff5a40ff8eb5a149cf557a68
 M b49075882641fcebbbdf1ed8d84247fcf80aa558

[2/3] cxf git commit: CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outline

2017-03-28 Thread coheigea 
CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor 
to Santuario
Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as 
outlined in the JIRA.
This closes #176

# Conflicts:
#   
rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
#   
rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
#   
rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/50100ff7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/50100ff7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/50100ff7

Branch: refs/heads/3.1.x-fixes
Commit: 50100ff72df3a29f21c09405a4262974165fa6d5
Parents: 27ae997
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:29:22 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:32:05 2017 +0100

--
 .../rs/security/xml/EncryptionProperties.java   | 15 +++
 .../rs/security/xml/SignatureProperties.java| 15 +++
 .../rs/security/xml/XmlSecOutInterceptor.java   | 13 ++
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 45 
 .../systest/jaxrs/security/xml/stax-server.xml  | 16 +++
 5 files changed, 104 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/50100ff7/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
index 06d3e11..4a5ab1d 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
@@ -25,7 +25,12 @@ public class EncryptionProperties {
 private String encryptionSymmetricKeyAlgo;
 private String encryptionDigestAlgo;
 private String encryptionKeyIdType;
+<<< HEAD
 
+===
+private String encryptionKeyName;
+
+>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 public void setEncryptionKeyTransportAlgo(String 
encryptionKeyTransportAlgo) {
 this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo;
 }
@@ -50,5 +55,15 @@ public class EncryptionProperties {
 public String getEncryptionKeyIdType() {
 return encryptionKeyIdType;
 }
+<<< HEAD
 
+===
+public String getEncryptionKeyName() {
+return encryptionKeyName;
+}
+public void setEncryptionKeyName(String encryptionKeyName) {
+this.encryptionKeyName = encryptionKeyName;
+}
+
+>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/50100ff7/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
index f8a7980..16aff78 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
@@ -24,7 +24,12 @@ public class SignatureProperties {
 private String signatureC14nMethod;
 private String signatureC14nTransform;
 private String signatureKeyIdType;
+<<< HEAD
 
+===
+private String signatureKeyName;
+
+>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 public void setSignatureAlgo(String signatureAlgo) {
 this.signatureAlgo = signatureAlgo;
 }
@@ -71,5 +76,15 @@ public class SignatureProperties {
 public void setSignatureKeyIdType(String signatureKeyIdType) {
 this.signatureKeyIdType = signatureKeyIdType;
 }
+<<< HEAD
 
+===
+public String getSignatureKeyName() {
+return signatureKeyName;
+}
+public void setSignatureKeyName(String signatureKeyName) {
+this.signatureKeyName = signatureKeyName;
+}
+
+>>> b30d620... CXF-7084 - Pass a value for the KeyName element from the 
XmlSecOutInterceptor to Santuario
 }

cxf git commit: This closes #249

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/master b30d620d9 -> 16672c10c


This closes #249


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/16672c10
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/16672c10
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/16672c10

Branch: refs/heads/master
Commit: 16672c10cf0a7bcfeeb946fd352e50fb72bda991
Parents: b30d620
Author: Sergey Beryozkin 
Authored: Tue Mar 28 17:35:12 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 17:35:12 2017 +0100

--

--

cxf git commit: CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor to Santuario Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as outlined in t

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/master 9df8cbc09 -> b30d620d9


CXF-7084 - Pass a value for the KeyName element from the XmlSecOutInterceptor 
to Santuario
Thanks to Hugo Trippaers for the patch. Some modifications made to the patch as 
outlined in the JIRA.
This closes #176


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b30d620d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b30d620d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b30d620d

Branch: refs/heads/master
Commit: b30d620d90593f52b79ae578373597defc89e80d
Parents: 9df8cbc
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:29:22 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:31:37 2017 +0100

--
 .../rs/security/xml/EncryptionProperties.java   |  7 +++
 .../rs/security/xml/SignatureProperties.java|  7 +++
 .../rs/security/xml/XmlSecOutInterceptor.java   |  7 ++-
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 45 
 .../systest/jaxrs/security/xml/stax-server.xml  | 16 +++
 5 files changed, 80 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
index e7c0fdf..4de9e8e 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/EncryptionProperties.java
@@ -25,6 +25,7 @@ public class EncryptionProperties {
 private String encryptionSymmetricKeyAlgo;
 private String encryptionDigestAlgo;
 private String encryptionKeyIdType;
+private String encryptionKeyName;
 
 public void setEncryptionKeyTransportAlgo(String 
encryptionKeyTransportAlgo) {
 this.encryptionKeyTransportAlgo = encryptionKeyTransportAlgo;
@@ -50,5 +51,11 @@ public class EncryptionProperties {
 public String getEncryptionKeyIdType() {
 return encryptionKeyIdType;
 }
+public String getEncryptionKeyName() {
+return encryptionKeyName;
+}
+public void setEncryptionKeyName(String encryptionKeyName) {
+this.encryptionKeyName = encryptionKeyName;
+}
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
index dc81c8a..8c861ab 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/SignatureProperties.java
@@ -24,6 +24,7 @@ public class SignatureProperties {
 private String signatureC14nMethod;
 private String signatureC14nTransform;
 private String signatureKeyIdType;
+private String signatureKeyName;
 
 public void setSignatureAlgo(String signatureAlgo) {
 this.signatureAlgo = signatureAlgo;
@@ -71,5 +72,11 @@ public class SignatureProperties {
 public void setSignatureKeyIdType(String signatureKeyIdType) {
 this.signatureKeyIdType = signatureKeyIdType;
 }
+public String getSignatureKeyName() {
+return signatureKeyName;
+}
+public void setSignatureKeyName(String signatureKeyName) {
+this.signatureKeyName = signatureKeyName;
+}
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b30d620d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
index 4688537..904a92b 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
@@ -48,6 +48,7 @@ import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rs.security.common.CryptoLoader;
 import org.apache.cxf.rs.security.common.RSSecurityUtils;
 import org.apache.cxf.rt.security.SecurityConstants;
+import org.apache.cxf.rt.security.utils.SecurityUtils;
 import

cxf git commit: [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 794243e6c -> 27ae9979b


[CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy 
classes, with thanks to Dennis Kieselhorst


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/27ae9979
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/27ae9979
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/27ae9979

Branch: refs/heads/3.1.x-fixes
Commit: 27ae9979b88540574ee59c487f43c20c877c8be3
Parents: 794243e
Author: Sergey Beryozkin 
Authored: Tue Mar 28 17:17:17 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 17:18:58 2017 +0100

--
 .../spring/AbstractSpringComponentScanServer.java | 18 ++
 1 file changed, 18 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/27ae9979/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
--
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
index 4afe05e..9099519 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.jaxrs.spring;
 
 import java.lang.annotation.Annotation;
+import java.lang.reflect.Proxy;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.LinkedList;
@@ -32,6 +33,7 @@ import javax.ws.rs.ext.Provider;
 
 import org.apache.cxf.annotations.Provider.Scope;
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.ClassHelper;
 import org.apache.cxf.common.util.ClasspathScanner;
 import org.apache.cxf.common.util.PackageUtils;
 import org.apache.cxf.common.util.StringUtils;
@@ -135,10 +137,26 @@ public abstract class AbstractSpringComponentScanServer 
extends AbstractSpringCo
   Set componentScanPackagesSet,
   Set componentScanBeansSet) {
 return isAnnotationAvailable(beanName, ann)
+&& nonProxyClass(beanName)
 && matchesServiceAnnotation(beanName)
 && matchesComponentPackage(beanName, componentScanPackagesSet)
 && matchesComponentName(beanName, componentScanBeansSet);
 }
+protected boolean nonProxyClass(String beanName) {
+// JAX-RS runtime needs to be able to access the real component class 
to introspect it for
+// JAX-RS annotations; the following check ensures that the valid 
proxified components
+// are accepted while the client proxies are ignored.
+Class type = 
ClassHelper.getRealClassFromClass(applicationContext.getType(beanName));
+if (Proxy.isProxyClass(type) && 
applicationContext.isSingleton(beanName)) {
+type = 
ClassHelper.getRealClass(applicationContext.getBean(beanName));
+}
+if (Proxy.isProxyClass(type)) {
+LOG.fine("Can not determine the real class of the component '" + 
beanName + "'");
+return false;
+} else {
+return true;
+}
+}
 protected boolean matchesComponentName(String beanName, Set 
componentScanBeansSet) {
 return componentScanBeansSet == null || 
componentScanBeansSet.contains(beanName);
 }

cxf git commit: [CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy classes, with thanks to Dennis Kieselhorst

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/master 428f7700d -> 9df8cbc09


[CXF-7293] Updating AbstractSpringComponentScanServer to ignore client proxy 
classes, with thanks to Dennis Kieselhorst


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9df8cbc0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9df8cbc0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9df8cbc0

Branch: refs/heads/master
Commit: 9df8cbc0942a52dee2f94d9aea08be46b501bb78
Parents: 428f770
Author: Sergey Beryozkin 
Authored: Tue Mar 28 17:17:17 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 17:17:17 2017 +0100

--
 .../spring/AbstractSpringComponentScanServer.java | 18 ++
 1 file changed, 18 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/9df8cbc0/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
--
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
index 9225ad9..d5a11dc 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/spring/AbstractSpringComponentScanServer.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.jaxrs.spring;
 
 import java.lang.annotation.Annotation;
+import java.lang.reflect.Proxy;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.LinkedList;
@@ -32,6 +33,7 @@ import javax.ws.rs.ext.Provider;
 
 import org.apache.cxf.annotations.Provider.Scope;
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.ClassHelper;
 import org.apache.cxf.common.util.ClasspathScanner;
 import org.apache.cxf.common.util.PackageUtils;
 import org.apache.cxf.common.util.StringUtils;
@@ -135,10 +137,26 @@ public abstract class AbstractSpringComponentScanServer 
extends AbstractSpringCo
   Set componentScanPackagesSet,
   Set componentScanBeansSet) {
 return isAnnotationAvailable(beanName, ann)
+&& nonProxyClass(beanName)
 && matchesServiceAnnotation(beanName)
 && matchesComponentPackage(beanName, componentScanPackagesSet)
 && matchesComponentName(beanName, componentScanBeansSet);
 }
+protected boolean nonProxyClass(String beanName) {
+// JAX-RS runtime needs to be able to access the real component class 
to introspect it for
+// JAX-RS annotations; the following check ensures that the valid 
proxified components
+// are accepted while the client proxies are ignored.
+Class type = 
ClassHelper.getRealClassFromClass(applicationContext.getType(beanName));
+if (Proxy.isProxyClass(type) && 
applicationContext.isSingleton(beanName)) {
+type = 
ClassHelper.getRealClass(applicationContext.getBean(beanName));
+}
+if (Proxy.isProxyClass(type)) {
+LOG.fine("Can not determine the real class of the component '" + 
beanName + "'");
+return false;
+} else {
+return true;
+}
+}
 protected boolean matchesComponentName(String beanName, Set 
componentScanBeansSet) {
 return componentScanBeansSet == null || 
componentScanBeansSet.contains(beanName);
 }

cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 381c4b6b4 -> 36eff36d4


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/36eff36d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/36eff36d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/36eff36d

Branch: refs/heads/3.0.x-fixes
Commit: 36eff36d4fec58ee0601365b120964f281affa34
Parents: 381c4b6
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:10:32 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:10:32 2017 +0100

--
 .gitmergeinfo | 4 
 1 file changed, 4 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/36eff36d/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 7d99e41..ba25a06 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -315,6 +315,7 @@ B 2fc4aea17c98120c3715ef9babb19f58c0a79cad
 B 2fccfdcdbcd3a8bb8ea740eda499b48b74dbaf65
 B 2fd8103535c1246a3a243e0fd7bcea86947e6b14
 B 2fe88ec153b6193a8c80f7c1226db19600e0839a
+B 30119990866f5da50d5261653a1843c618cd6459
 B 3019c331c0f069ed63611b5263df3ee4d427e4a7
 B 304ee04631e07040519f32ece1e44a79e784dff8
 B 3051c2a54adc909be8d63c690b1444eb2f9e5e35
@@ -366,6 +367,7 @@ B 36d2bf61511d1921a38d065eb474be802f2f949e
 B 36dc41e1b2bddd02def5dafbafd4a86443ab5e30
 B 36ebac7b230f8b48d098c580b6774a91f1844854
 B 36fcf426a4946f57b051ce7a388c7190fc97aebd
+B 375c356a6cda9fed795173155eebc5d1c5b523f1
 B 37610a53863464b3bab9eecf8db4f94497504163
 B 37defa84d8002e1c0ec582f5c1c68643bc3b66d6
 B 3832cdfc47a3580da5125bae0b590d9250d4abed
@@ -454,6 +456,7 @@ B 4534b29556a1da628c920c36e4245d0d35ca6905
 B 4559444c83d4aa4745674a402c0461d170df6d84
 B 456bd834ca5a7a6b9bff3a546b445960012b88e2
 B 456eff5885d85e2cfe30b639bd5a442929a3f9de
+B 4586fe5b01c92a5353ff73bd0966d2a54329bb8b
 B 45a04b3ec3281ea04a06e0dfc88502d2f182f4b6
 B 45bdda8482aa38509cf62283c159bce347894e24
 B 45f6dac04dc543371c9de1ac3fbd4260f7805dd6
@@ -777,6 +780,7 @@ B 78a8593698fe382d72e3e2101e017dc1835c384b
 B 78fbd425ba4b49908e2b377a979a80ccf9cb29c5
 B 7923a6209a05d71cfeb752ed2d45c9e6e7116942
 B 793f0a7d2a8eade3238deef212dff5f29e0c5b4d
+B 794243e6c9ed943a78cde259f40d984514c03559
 B 799c5389f754eb588f023b646b8983b50dde00be
 B 7a0736b8f1adb1a1b64ca15d1b03bedb175a41de
 B 7a365ca6064803abfff7782a0f972dc8b4e29687

[3/5] cxf git commit: Switching to use security constants in the tests instead of strings

2017-03-28 Thread coheigea 
Switching to use security constants in the tests instead of strings

# Conflicts:
#   rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
#   
services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom_onbehalfof/CustomOnBehalfOfTest.java
#   
services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SecurityContextTokenCancelTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/symmetric/SymmetricBindingTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/template/TemplateTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/transport/TransportBindingTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsCachingTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_actas/UsernameActAsTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfCachingTest.java
#   
services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/username_onbehalfof/UsernameOnBehalfOfTest.java
#   
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
#   
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlAuthorizationTest.java
#   
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
#   
systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
#   
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/fault/FaultTest.java
#   
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
#   
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
#   
systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/30119990
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/30119990
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/30119990

Branch: refs/heads/3.1.x-fixes
Commit: 30119990866f5da50d5261653a1843c618cd6459
Parents: 0b094e8
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 16:27:09 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 16:30:35 2017 +0100

--
 .../java/org/apache/cxf/ws/rm/RMManager.java|   4 +-
 .../systest/sts/custom/CustomParameterTest.java |  16 +--
 .../custom_onbehalfof/CustomOnBehalfOfTest.java |   5 +-
 .../cxf/systest/sts/renew/SAMLRenewTest.java|   2 +-
 .../SecurityContextTokenCancelTest.java |   2 +-
 .../sts/sendervouches/DoubleItPortTypeImpl.java |   3 +-
 .../sts/symmetric/SymmetricBindingTest.java |  10 +-
 .../cxf/systest/sts/template/TemplateTest.java  |   8 +-
 .../sts/transport/TransportBindingTest.java |   8 +-
 .../UsernameActAsCachingTest.java   |  34 ++---
 .../sts/username_actas/UsernameActAsTest.java   |   7 +-
 .../UsernameOnBehalfOfCachingTest.java  |  36 ++---
 .../UsernameOnBehalfOfTest.java |   9 +-
 .../security/oauth2/grants/JAXRSOAuth2Test.java |  13 +-
 .../saml/JAXRSSamlAuthorizationTest.java|   5 +-
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 140 +--
 .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java |  39 +-
 .../apache/cxf/systest/ws/fault/FaultTest.java  |  31 ++--
 .../ws/policy/handler/HelloServiceImpl.java |  49 +++
 .../cxf/systest/ws/saml/SamlTokenTest.java  |  62 
 .../saml/subjectconf/SamlSubjectConfTest.java   |  19 +--
 .../cxf/systest/ws/wssc/WSSCUnitTest.java   |  25 +++-
 .../systest/ws/x509/DoubleItPropertiesImpl.java |   8 ++
 23 files changed, 381 insertions(+), 154 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/30119990/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
--
diff --git a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java 
b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
index 6a0839e..a29a6a7 100644
--- a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
+++ b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
@@ -475,8 +475,8 @@ public class RMManager {
 Map context = new HashMap(16);
 for (String key : message.getContextualPropertyKeys()) {
 //copy other properties?
-if (key.startsWith("ws-security")) {
-context.put(key,

[4/5] cxf git commit: Fixing merge

2017-03-28 Thread coheigea 
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4586fe5b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4586fe5b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4586fe5b

Branch: refs/heads/3.1.x-fixes
Commit: 4586fe5b01c92a5353ff73bd0966d2a54329bb8b
Parents: 375c356
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 16:31:44 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 16:31:44 2017 +0100

--
 .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java | 34 --
 .../ws/policy/handler/HelloServiceImpl.java | 48 
 .../cxf/systest/ws/wssc/WSSCUnitTest.java   | 12 -
 .../systest/ws/x509/DoubleItPropertiesImpl.java |  7 ---
 4 files changed, 101 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/4586fe5b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
--
diff --git 
a/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
 
b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
index c70f57d..c944a4f 100644
--- 
a/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
+++ 
b/systests/ws-rm/src/test/java/org/apache/cxf/systest/ws/rm/sec/WSRMWithWSSecurityPolicyTest.java
@@ -96,39 +96,6 @@ public class WSRMWithWSSecurityPolicyTest extends 
AbstractBusClientServerTestBas
 
 @Test
 public void testContextProperty() throws Exception {
-<<< HEAD
-ClassPathXmlApplicationContext context =
-new 
ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml");
-Bus bus = (Bus)context.getBean("bus");
-BusFactory.setDefaultBus(bus);
-BusFactory.setThreadDefaultBus(bus);
-Greeter greeter = 
(Greeter)context.getBean("GreeterCombinedClientNoProperty");
-Client client = ClientProxy.getClient(greeter);
-QName operationQName = new 
QName("http://cxf.apache.org/greeter_control;, "greetMe");
-BindingOperationInfo boi = 
client.getEndpoint().getBinding().getBindingInfo().getOperation(operationQName);
-Map invocationContext = new HashMap();
-Map requestContext = new HashMap();
-Map responseContext = new HashMap();
-invocationContext.put(Client.REQUEST_CONTEXT, requestContext);
-invocationContext.put(Client.RESPONSE_CONTEXT, responseContext);
-
-requestContext.put("ws-security.username", "Alice");
-requestContext.put("ws-security.callback-handler", 
"org.apache.cxf.systest.ws.rm.sec.UTPasswordCallback");
-requestContext.put("ws-security.encryption.properties", 
"bob.properties");
-requestContext.put("ws-security.encryption.username", "bob");
-requestContext.put("ws-security.signature.properties", 
"alice.properties");
-requestContext.put("ws-security.signature.username", "alice");
-RMManager manager = bus.getExtension(RMManager.class);
-boolean empty = manager.getRetransmissionQueue().isEmpty();
-assertTrue("RetransmissionQueue is not empty", empty);
-GreetMe param = new GreetMe();
-param.setRequestType("testContextProperty");
-Object[] answer = client.invoke(boi, new Object[]{param}, 
invocationContext);
-Assert.assertEquals("TESTCONTEXTPROPERTY", answer[0].toString());
-Thread.sleep(5000);
-empty = manager.getRetransmissionQueue().isEmpty();
-assertTrue("RetransmissionQueue not empty", empty);
-===
 try (ClassPathXmlApplicationContext context =
 new 
ClassPathXmlApplicationContext("org/apache/cxf/systest/ws/rm/sec/client-policy.xml"))
 {
 Bus bus = (Bus)context.getBean("bus");
@@ -162,7 +129,6 @@ public class WSRMWithWSSecurityPolicyTest extends 
AbstractBusClientServerTestBas
 empty = manager.getRetransmissionQueue().isEmpty();
 assertTrue("RetransmissionQueue not empty", empty);
 }
->>> 428f770... Switching to use security constants in the tests instead of 
strings
 }
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/4586fe5b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/policy/handler/HelloServiceImpl.java
index

[2/5] cxf git commit: Switching to use security constants in the tests instead of strings

2017-03-28 Thread coheigea 
http://git-wip-us.apache.org/repos/asf/cxf/blob/30119990/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
index 188d05c..64219eb 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/saml/SamlTokenTest.java
@@ -138,7 +138,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler()
+SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler()
 );
 try {
 saml1Port.doubleIt(25);
@@ -149,7 +149,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler(false)
+SecurityConstants.SAML_CALLBACK_HANDLER, new 
SamlCallbackHandler(false)
 );
 int result = saml1Port.doubleIt(25);
 assertTrue(result == 50);
@@ -160,7 +160,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 updateAddressPort(saml1Port, PORT2);
 
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler(false)
+SecurityConstants.SAML_CALLBACK_HANDLER, new 
SamlCallbackHandler(false)
 );
 
 try {
@@ -203,7 +203,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 SamlCallbackHandler samlCallbackHandler = new 
SamlCallbackHandler(false, true);
 samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", samlCallbackHandler
+SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler
 );
 
 int result = saml1Port.doubleIt(25);
@@ -242,7 +242,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 SamlCallbackHandler callbackHandler = new SamlCallbackHandler(false, 
true);
 callbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", callbackHandler
+SecurityConstants.SAML_CALLBACK_HANDLER, callbackHandler
 );
 
 ((BindingProvider)saml1Port).getRequestContext().put(
@@ -296,7 +296,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml1Port).getRequestContext().put(
-"security.saml-callback-handler", new 
SamlElementCallbackHandler(false)
+SecurityConstants.SAML_CALLBACK_HANDLER, new 
SamlElementCallbackHandler(false)
 );
 int result = saml1Port.doubleIt(25);
 assertTrue(result == 50);
@@ -334,7 +334,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml2Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler(false)
+SecurityConstants.SAML_CALLBACK_HANDLER, new 
SamlCallbackHandler(false)
 );
 try {
 saml2Port.doubleIt(25);
@@ -347,7 +347,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler();
 samlCallbackHandler.setSignAssertion(true);
 ((BindingProvider)saml2Port).getRequestContext().put(
-"security.saml-callback-handler", samlCallbackHandler
+SecurityConstants.SAML_CALLBACK_HANDLER, samlCallbackHandler
 );
 int result = saml2Port.doubleIt(25);
 assertTrue(result == 50);
@@ -381,7 +381,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml2Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler()
+SecurityConstants.SAML_CALLBACK_HANDLER, new SamlCallbackHandler()
 );
 
 try {
@@ -425,7 +425,7 @@ public class SamlTokenTest extends 
AbstractBusClientServerTestBase {
 }
 
 ((BindingProvider)saml2Port).getRequestContext().put(
-"security.saml-callback-handler", new SamlCallbackHandler(false)
+SecurityConstants.SAML_CALLBACK_HANDLER, new 
SamlCallbackHandler(false)
 );
 try {

[5/5] cxf git commit: Fixing merge

2017-03-28 Thread coheigea 
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/794243e6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/794243e6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/794243e6

Branch: refs/heads/3.1.x-fixes
Commit: 794243e6c9ed943a78cde259f40d984514c03559
Parents: 4586fe5
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 17:10:04 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 17:10:04 2017 +0100

--
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 113 +--
 1 file changed, 1 insertion(+), 112 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/794243e6/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
index 83584e5..7eff132 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
@@ -98,7 +98,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 Bus springBus = bf.createBus(busFile.toString());
 bean.setBus(springBus);
 
-Map newProperties = new HashMap<>();
+Map newProperties = new HashMap();
 newProperties.put(SecurityConstants.CALLBACK_HANDLER,
 
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
 newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
@@ -143,13 +143,8 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 String address = "https://localhost:; + test.port + 
"/xmlsigconstraints";
 
 // Successful test with "bob"
-<<< HEAD
-Map newProperties = new HashMap();
-newProperties.put("security.callback-handler", 
-===
 Map newProperties = new HashMap<>();
 newProperties.put(SecurityConstants.CALLBACK_HANDLER,
->>> 428f770... Switching to use security constants in the tests instead of 
strings
 
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
 newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "bob");
 
@@ -159,11 +154,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 // Constraint validation fails with "alice"
 newProperties.clear();
-<<< HEAD
-newProperties.put("security.callback-handler", 
-===
 newProperties.put(SecurityConstants.CALLBACK_HANDLER,
->>> 428f770... Switching to use security constants in the tests instead of 
strings
 
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
 newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
 
@@ -196,17 +187,10 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 Map newProperties = new HashMap(properties);
 if (newProperties.isEmpty()) {
-<<< HEAD
-newProperties.put("security.callback-handler", 
-   
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
-newProperties.put("security.signature.username", "alice");
-
-===
 newProperties.put(SecurityConstants.CALLBACK_HANDLER,

"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
 newProperties.put(SecurityConstants.SIGNATURE_USERNAME, "alice");
 
->>> 428f770... Switching to use security constants in the tests instead of 
strings
 String cryptoUrl = 
"org/apache/cxf/systest/jaxrs/security/alice.properties";
 if (cryptoUrlPrefix != null) {
 cryptoUrl = cryptoUrlPrefix + this.getClass().getResource("/" 
+ cryptoUrl).toURI().getPath();
@@ -278,19 +262,11 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 Bus springBus = bf.createBus(busFile.toString());
 bean.setBus(springBus);
 
-<<< HEAD
-Map properties = new HashMap();
-properties.put("security.callback-handler", 
-   
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
-properties.put("security.signature.username", "alice");
-

[1/5] cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 0b094e88f -> 794243e6c


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/375c356a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/375c356a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/375c356a

Branch: refs/heads/3.1.x-fixes
Commit: 375c356a6cda9fed795173155eebc5d1c5b523f1
Parents: 3011999
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 16:30:35 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 16:30:35 2017 +0100

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/375c356a/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index d09c806..e21ad4a 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -376,6 +376,7 @@ M 3bbfc22e182ffea8c98ba8f84b4f55abfce353e7
 M 3be9aac26a003ef43995054da875ffd5fa5a2eb4
 M 3e30d8892a723adcf04268efd7d407e164607065
 M 417fb946eec38f403d915e90f405594675a7f7e0
+M 428f7700de80d4d6ea09158f42d057e9f24abe48
 M 437c7daa3345c8482deab4a4da9b164e68fd417a
 M 45d54d558625236b84752b0d7976f0cf85518c16
 M 4719a033d54fd9fcd173be273e6c320d8353b631

[1/2] cxf git commit: Switching to use security constants in the tests instead of strings

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/master 0ffcd507e -> 428f7700d


http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
index 0ee3226..fe6afde 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/wssc/WSSCUnitTest.java
@@ -36,6 +36,7 @@ import javax.xml.ws.Service;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.rt.security.SecurityConstants;
 import org.apache.cxf.systest.ws.common.SecurityTestUtil;
 import org.apache.cxf.systest.ws.common.TestParam;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
@@ -206,11 +207,11 @@ public class WSSCUnitTest extends 
AbstractBusClientServerTestBase {
 stsClient.setPolicy(createSymmetricBindingPolicy());
 
 Map properties = new HashMap<>();
-properties.put("security.encryption.username", "bob");
+properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
 TokenCallbackHandler callbackHandler = new TokenCallbackHandler();
-properties.put("security.callback-handler", callbackHandler);
-properties.put("security.signature.properties", "alice.properties");
-properties.put("security.encryption.properties", "bob.properties");
+properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler);
+properties.put(SecurityConstants.SIGNATURE_PROPERTIES, 
"alice.properties");
+properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties");
 stsClient.setProperties(properties);
 
 SecurityToken securityToken =
@@ -241,11 +242,11 @@ public class WSSCUnitTest extends 
AbstractBusClientServerTestBase {
 stsClient.setPolicy(createSymmetricBindingPolicy());
 
 Map properties = new HashMap<>();
-properties.put("security.encryption.username", "bob");
+properties.put(SecurityConstants.ENCRYPT_USERNAME, "bob");
 TokenCallbackHandler callbackHandler = new TokenCallbackHandler();
-properties.put("security.callback-handler", callbackHandler);
-properties.put("security.signature.properties", "alice.properties");
-properties.put("security.encryption.properties", "bob.properties");
+properties.put(SecurityConstants.CALLBACK_HANDLER, callbackHandler);
+properties.put(SecurityConstants.SIGNATURE_PROPERTIES, 
"alice.properties");
+properties.put(SecurityConstants.ENCRYPT_PROPERTIES, "bob.properties");
 stsClient.setProperties(properties);
 
 SecurityToken securityToken =

http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java
index a729832..23ae971 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/x509/DoubleItPropertiesImpl.java
@@ -23,6 +23,7 @@ import javax.jws.WebService;
 import org.apache.cxf.annotations.EndpointProperties;
 import org.apache.cxf.annotations.EndpointProperty;
 import org.apache.cxf.feature.Features;
+import org.apache.cxf.rt.security.SecurityConstants;
 
 import org.example.contract.doubleit.DoubleItFault;
 import org.example.contract.doubleit.DoubleItPortType;
@@ -33,10 +34,10 @@ import org.example.contract.doubleit.DoubleItPortType;
 @Features(features = "org.apache.cxf.feature.LoggingFeature")
 
 @EndpointProperties({
-@EndpointProperty(key = "security.encryption.username", value = "alice"),
-@EndpointProperty(key = "security.encryption.properties", value = 
"alice.properties"),
-@EndpointProperty(key = "security.signature.properties", value = 
"bob.properties"),
-@EndpointProperty(key = "security.callback-handler",
+@EndpointProperty(key = SecurityConstants.ENCRYPT_USERNAME, value = 
"alice"),
+@EndpointProperty(key = SecurityConstants.ENCRYPT_PROPERTIES, value = 
"alice.properties"),
+@EndpointProperty(key = SecurityConstants.SIGNATURE_PROPERTIES, value = 
"bob.properties"),
+@EndpointProperty(key = SecurityConstants.CALLBACK_HANDLER,
   value = 
"org.apache.cxf.systest.ws.common.KeystorePasswordCallback")
 })
 public class DoubleItPropertiesImpl

[2/2] cxf git commit: Switching to use security constants in the tests instead of strings

2017-03-28 Thread coheigea 
Switching to use security constants in the tests instead of strings


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/428f7700
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/428f7700
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/428f7700

Branch: refs/heads/master
Commit: 428f7700de80d4d6ea09158f42d057e9f24abe48
Parents: 0ffcd50
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 16:27:09 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 16:27:09 2017 +0100

--
 .../java/org/apache/cxf/ws/rm/RMManager.java|   2 +-
 .../systest/sts/custom/CustomParameterTest.java |  16 +--
 .../custom_onbehalfof/CustomOnBehalfOfTest.java |   5 +-
 .../cxf/systest/sts/renew/SAMLRenewTest.java|   2 +-
 .../SecurityContextTokenCancelTest.java |   2 +-
 .../sts/sendervouches/DoubleItPortTypeImpl.java |   3 +-
 .../sts/symmetric/SymmetricBindingTest.java |   8 +-
 .../cxf/systest/sts/template/TemplateTest.java  |   4 +-
 .../sts/transport/TransportBindingTest.java |   4 +-
 .../UsernameActAsCachingTest.java   |  34 +++---
 .../sts/username_actas/UsernameActAsTest.java   |   7 +-
 .../UsernameOnBehalfOfCachingTest.java  |  34 +++---
 .../UsernameOnBehalfOfTest.java |   7 +-
 .../security/oauth2/grants/JAXRSOAuth2Test.java |   9 +-
 .../saml/JAXRSSamlAuthorizationTest.java|   3 +-
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 113 ++-
 .../ws/rm/sec/WSRMWithWSSecurityPolicyTest.java |  16 +--
 .../apache/cxf/systest/ws/fault/FaultTest.java  |  31 ++---
 .../ws/policy/handler/HelloServiceImpl.java |   7 +-
 .../cxf/systest/ws/saml/SamlTokenTest.java  |  62 +-
 .../saml/subjectconf/SamlSubjectConfTest.java   |  19 ++--
 .../cxf/systest/ws/wssc/WSSCUnitTest.java   |  17 +--
 .../systest/ws/x509/DoubleItPropertiesImpl.java |   9 +-
 23 files changed, 214 insertions(+), 200 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
--
diff --git a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java 
b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
index ecf41f9..0f1ac27 100644
--- a/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
+++ b/rt/ws/rm/src/main/java/org/apache/cxf/ws/rm/RMManager.java
@@ -475,7 +475,7 @@ public class RMManager {
 Map context = new HashMap<>(16);
 for (String key : message.getContextualPropertyKeys()) {
 //copy other properties?
-if (key.startsWith("ws-security")) {
+if (key.startsWith("ws-security") || 
key.startsWith("security.")) {
 context.put(key, message.getContextualProperty(key));
 }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/428f7700/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java
--
diff --git 
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java
 
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java
index f59f1e3..f6ff291 100644
--- 
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java
+++ 
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/custom/CustomParameterTest.java
@@ -98,8 +98,8 @@ public class CustomParameterTest extends 
AbstractBusClientServerTestBase {
 
stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port;);
 
 Map properties = new HashMap<>();
-properties.put("security.username", "alice");
-properties.put("security.callback-handler", 
"org.apache.cxf.systest.sts.common.CommonCallbackHandler");
+properties.put(SecurityConstants.USERNAME, "alice");
+properties.put(SecurityConstants.CALLBACK_HANDLER, 
"org.apache.cxf.systest.sts.common.CommonCallbackHandler");
 properties.put("security.sts.token.username", "myclientkey");
 properties.put("security.sts.token.properties", 
"clientKeystore.properties");
 properties.put("security.sts.token.usecert", "true");
@@ -143,8 +143,8 @@ public class CustomParameterTest extends 
AbstractBusClientServerTestBase {
 
stsClient.setEndpointName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UT_Port;);
 
 Map properties = new HashMap<>();
-properties.put("security.username", "alice");
-

[2/6] cxf git commit: Adding signature negative tests for WS-Security, client + server side

2017-03-28 Thread coheigea 
Adding signature negative tests for WS-Security, client + server side


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8b13c36c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8b13c36c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8b13c36c

Branch: refs/heads/3.0.x-fixes
Commit: 8b13c36c0978164dc24c80cd7c2f046cba2ea4a2
Parents: 657541e
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 12:18:54 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 14:35:05 2017 +0100

--
 .../cxf/systest/ws/action/ActionTest.java   | 112 +++
 .../ws/common/KeystorePasswordCallback.java |   2 +
 .../src/test/resources/bethal.properties|  24 
 .../cxf/systest/ws/action/DoubleItAction.wsdl   |  12 ++
 .../org/apache/cxf/systest/ws/action/client.xml | 104 +
 .../org/apache/cxf/systest/ws/action/server.xml | 104 +
 .../src/test/resources/truststore.properties|  23 
 7 files changed, 381 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/8b13c36c/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
index 2a67c22..9d86f62 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
@@ -291,4 +291,116 @@ public class ActionTest extends 
AbstractBusClientServerTestBase {
 ((java.io.Closeable)port).close();
 bus.shutdown(true);
 }
+
+@org.junit.Test
+public void testSignatureNegativeClient() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeClientStreaming() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort2");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeServer() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeServerPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the service doesn't trust the

[5/6] cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53416a58
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53416a58
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53416a58

Branch: refs/heads/3.0.x-fixes
Commit: 53416a586f1aff111dbdfc361e858b1ec1c28b6b
Parents: 6386e37
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 14:35:32 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 14:35:32 2017 +0100

--
 .gitmergeinfo | 2 ++
 1 file changed, 2 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/53416a58/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 6580322..7d99e41 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -59,6 +59,7 @@ B 0aaa2b5742a53bf31704939e4bc21906100bbc54
 B 0ab9416fda31298e485f2a6864c263447e4b32de
 B 0ac5dde071c9c2731fca757a2108f5dd698f8af5
 B 0afa064ee3b92a6b3e5fd8c5205a287d7884353b
+B 0b094e88f775dc10caea0b85a52dcc21ef45300c
 B 0b40c84e1440601a9b8779b93812b1c41cddd138
 B 0b7e0e914328aa7a78a2eab00bb1040c703e9b63
 B 0b9097fbd1cddbb4a183e9448576bde2a6eb2589
@@ -1899,6 +1900,7 @@ M aca58c80bbe184c1730d21e9752ef7825a006bc0
 M ad75192db72294e6d117e020aea890a50c166f79
 M aeff8782d28ec57e5aaab9c7b709d89e1d2a7c15
 M af2f7d3a52076f60d0f98a2635e2adef256a9efe
+M af69b53d8460c7c80546afb8ae56dd086a807a6f
 M af7de1d82d77e3653b72ee83b4aa3f91e1a1d039
 M afaf1debd104b7d9850713b866b9f4d58e8dd8d5
 M b0035ade0042160b77b4848939f58efe9a77d6c7

[3/6] cxf git commit: Adding some negative tests for trust verification for rs-security

2017-03-28 Thread coheigea 
Adding some negative tests for trust verification for rs-security

# Conflicts:
#   
rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7cee545a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7cee545a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7cee545a

Branch: refs/heads/3.0.x-fixes
Commit: 7cee545a760b2f0468a791db2c8c07ae9e75b86d
Parents: 8b13c36
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:04:16 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 14:35:26 2017 +0100

--
 .../security/xml/AbstractXmlSecInHandler.java   |  6 +-
 .../rs/security/xml/XmlSecInInterceptor.java|  6 +-
 .../security/saml/KeystorePasswordCallback.java |  4 +
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 
 .../systest/jaxrs/security/bethal.properties| 24 ++
 .../systest/jaxrs/security/morpit.properties| 21 +
 .../jaxrs/security/morpittrust.properties   | 23 +
 .../cxf/systest/jaxrs/security/xml/server.xml   | 32 +++
 .../systest/jaxrs/security/xml/stax-server.xml  | 34 +++-
 9 files changed, 235 insertions(+), 5 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
index 035e54b..84c8150 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
@@ -80,7 +80,11 @@ public abstract class AbstractXmlSecInHandler {
 }
 
 protected void throwFault(String error, Exception ex) {
-LOG.warning(error);
+StringBuilder log = new StringBuilder(error);
+if (ex != null) {
+log = log.append(" - ").append(ex.getMessage());
+}
+LOG.warning(log.toString());
 Response response = 
JAXRSUtils.toResponseBuilder(400).entity(error).build();
 throw ExceptionUtils.toBadRequestException(null, response);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 07bc910..44da705 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -308,8 +308,8 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 try {
 new TrustValidator().validateTrust(sigCrypto, cert, publicKey, 
subjectDNPatterns);
 } catch (WSSecurityException e) {
-throw new XMLSecurityException("empty", new Object[] {"Error 
during Signature Trust "
-   + "validation: " + 
e.getMessage()});
+String error = "Signature validation failed";
+throw new XMLSecurityException("empty", new Object[] {error});
 }
 
 if (persistSignature) {
@@ -400,7 +400,7 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 }
 
 }
-
+
 /**
  * This interceptor handles parsing the StaX results (events) + checks to 
see whether the 
  * required (if any) Actions (signature or encryption) were fulfilled.

http://git-wip-us.apache.org/repos/asf/cxf/blob/7cee545a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
index 3103aad..099bc4e 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/KeystorePasswordCallback.java
@@ -46,6 +46,10 @@ public

[4/6] cxf git commit: Fixing tests

2017-03-28 Thread coheigea 
Fixing tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6386e377
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6386e377
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6386e377

Branch: refs/heads/3.0.x-fixes
Commit: 6386e3772dffdf08d72d0eab204ca38001c72387
Parents: 7cee545
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:10:51 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 14:35:32 2017 +0100

--
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 
 1 file changed, 10 insertions(+), 16 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/6386e377/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
index f4218ec..1cc5ad2 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
@@ -244,7 +244,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 if (!useKeyInfo) {
 sigInInterceptor.setSignatureVerificationAlias("alice");
 }
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 if (enveloping) {
@@ -260,19 +260,13 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 WebClient wc = bean.createWebClient();
 
WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L);
-try {
-Book book;
-if (!fromResponse) {
-book = wc.post(new Book("CXF", 126L), Book.class);
-} else {
-book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
-}
-assertEquals(126L, book.getId());
-} catch (WebApplicationException ex) {
-fail(ex.getMessage());
-} catch (ProcessingException ex) {
-assertTrue(ex.getCause() instanceof BadRequestException);
+Book book;
+if (!fromResponse) {
+book = wc.post(new Book("CXF", 126L), Book.class);
+} else {
+book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
 }
+assertEquals(126L, book.getId());
 }
 
 @Test
@@ -301,7 +295,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -346,7 +340,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -542,7 +536,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
 encInInterceptor.setRequireEncryption(true);
-bean.getInInterceptors().add(encInInterceptor);
+bean.setProvider(encInInterceptor);
 } else {
 if (sign) {
 bean.getOutInterceptors().add(new XmlSigOutInterceptor());

[1/6] cxf git commit: Removing unused file

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 3d4462f94 -> 381c4b6b4


Removing unused file


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/657541ea
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/657541ea
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/657541ea

Branch: refs/heads/3.0.x-fixes
Commit: 657541eaed35b7e5ebf69354cc1463eaf4440b5f
Parents: 3d4462f
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 11:55:24 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 14:35:03 2017 +0100

--
 systests/ws-security/src/test/resources/kerberos.jaas | 8 
 1 file changed, 8 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/657541ea/systests/ws-security/src/test/resources/kerberos.jaas
--
diff --git a/systests/ws-security/src/test/resources/kerberos.jaas 
b/systests/ws-security/src/test/resources/kerberos.jaas
deleted file mode 100644
index b773cf6..000
--- a/systests/ws-security/src/test/resources/kerberos.jaas
+++ /dev/null
@@ -1,8 +0,0 @@
-
-alice {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" 
principal="alice";
-};
-
-bob {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" 
principal="bob/service.ws.apache.org";
-};

[6/6] cxf git commit: Fixing tests

2017-03-28 Thread coheigea 
Fixing tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/381c4b6b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/381c4b6b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/381c4b6b

Branch: refs/heads/3.0.x-fixes
Commit: 381c4b6b4d26048d0ff0fa3deed7d7f29c965cfc
Parents: 53416a5
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 15:38:06 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 15:38:06 2017 +0100

--
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 230 +--
 .../src/test/resources/keys/Bethal.jks  | Bin 0 -> 2202 bytes
 .../src/test/resources/keys/Morpit.jks  | Bin 0 -> 2221 bytes
 .../src/test/resources/keys/Truststore.jks  | Bin 0 -> 4447 bytes
 .../cxf/systest/jaxrs/security/xml/server.xml   |   8 +-
 .../systest/jaxrs/security/xml/stax-server.xml  |   8 +-
 6 files changed, 123 insertions(+), 123 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/381c4b6b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
index 1cc5ad2..747d12f 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
@@ -55,43 +55,43 @@ import org.junit.runners.Parameterized.Parameters;
 public class JAXRSXmlSecTest extends AbstractBusClientServerTestBase {
 public static final String PORT = BookServerXmlSec.PORT;
 public static final String STAX_PORT = StaxBookServerXmlSec.PORT;
-
+
 final TestParam test;
-
+
 public JAXRSXmlSecTest(TestParam type) {
 this.test = type;
 }
 
 @BeforeClass
 public static void startServers() throws Exception {
-assertTrue("server did not launch correctly", 
+assertTrue("server did not launch correctly",
launchServer(BookServerXmlSec.class, true));
-assertTrue("server did not launch correctly", 
+assertTrue("server did not launch correctly",
launchServer(StaxBookServerXmlSec.class, true));
 }
-
+
 @Parameters(name = "{0}")
 public static Collection data() {
-   
+
 return Arrays.asList(new TestParam[][] {{new TestParam(PORT, false)},
 {new TestParam(STAX_PORT, 
false)},
 {new TestParam(PORT, true)},
 {new TestParam(STAX_PORT, 
true)},
 });
 }
-
+
 @Test
 public void testPostBookWithEnvelopedSigAndProxy() throws Exception {
 String address = "https://localhost:; + test.port + "/xmlsig";
 doTestSignatureProxy(address, false, null, test.streaming);
 }
-
+
 @Test
 public void testPostBookWithEnvelopedSigAndProxy2() throws Exception {
 String address = "https://localhost:; + test.port + "/xmlsig";
 doTestSignatureProxy(address, false, "", test.streaming);
 }
-
+
 @Test
 public void testPostBookEnvelopingSigAndProxy() throws Exception {
 if (test.streaming || STAX_PORT.equals(test.port)) {
@@ -101,24 +101,24 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 String address = "https://localhost:; + test.port + "/xmlsig";
 doTestSignatureProxy(address, true, "file:", test.streaming);
 }
-
+
 @Test
 public void testCertConstraints() throws Exception {
 String address = "https://localhost:; + test.port + 
"/xmlsigconstraints";
-
+
 // Successful test with "bob"
 Map newProperties = new HashMap();
-newProperties.put("ws-security.callback-handler", 
+newProperties.put("ws-security.callback-handler",
 
"org.apache.cxf.systest.jaxrs.security.saml.KeystorePasswordCallback");
 newProperties.put("ws-security.signature.username", "bob");
 
 String cryptoUrl = 
"org/apache/cxf/systest/jaxrs/security/bob.properties";
 newProperties.put("ws-security.signature.properties", cryptoUrl);
 doTestSignatureProxy(address, false, null, test.streaming, 
newProperties);
-
+
 // Constraint validation fails with "alice"
 newProperties.clear();
-newProperties.put("ws-security.callback-handler", 
+

cxf git commit: Updating XmlSecInInterceptor on 3.0.x

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 491a6e81e -> 3d4462f94


Updating XmlSecInInterceptor on 3.0.x


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3d4462f9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3d4462f9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3d4462f9

Branch: refs/heads/3.0.x-fixes
Commit: 3d4462f94085dc4f6f459befc6e397568fa9aec3
Parents: 491a6e8
Author: Sergey Beryozkin 
Authored: Tue Mar 28 13:50:30 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 13:50:30 2017 +0100

--
 .../cxf/jaxrs/impl/AbstractPropertiesImpl.java  |  4 ++
 .../rs/security/xml/XmlSecInInterceptor.java| 47 +++-
 2 files changed, 40 insertions(+), 11 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
--
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
index caf8139..2b69400 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
@@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl {
 public Collection getPropertyNames() {
 return holder.getPropertyNames();
 }
+
+public Message getMessage() {
+return m;
+}
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d4462f9/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 21b431b..07bc910 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -34,16 +34,21 @@ import java.util.regex.PatternSyntaxException;
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ReaderInterceptor;
+import javax.ws.rs.ext.ReaderInterceptorContext;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamReader;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.StaxInInterceptor;
+import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.rs.security.common.CryptoLoader;
@@ -71,7 +76,7 @@ import 
org.apache.xml.security.stax.securityToken.SecurityToken;
 /**
  * A new StAX-based interceptor for processing messages with XML Signature + 
Encryption content.
  */
-public class XmlSecInInterceptor extends AbstractPhaseInterceptor {
+public class XmlSecInInterceptor extends AbstractPhaseInterceptor 
implements ReaderInterceptor {
 
 private static final Logger LOG = 
LogUtils.getL7dLogger(XmlSecInInterceptor.class);
 
@@ -93,14 +98,16 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor {
 }
 
 public void handleMessage(Message message) throws Fault {
-String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
-if ("GET".equals(method)) {
+if (isServerGet(message)) {
 return;
 }
-
-Message outMs = message.getExchange().getOutMessage();
-Message inMsg = outMs == null ? message : 
outMs.getExchange().getInMessage();
-
+prepareMessage(message);
+message.getInterceptorChain().add(
+  new StaxActionInInterceptor(requireSignature, 
requireEncryption));
+}
+
+private void prepareMessage(Message inMsg) throws Fault {
+
 XMLStreamReader originalXmlStreamReader = 
inMsg.getContent(XMLStreamReader.class);
 if (originalXmlStreamReader == null) {
 InputStream is = inMsg.getContent(InputStream.class);
@@ -108,10 +115,7 @@ public class XmlSecInInterceptor extends

[5/5] cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0b094e88
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0b094e88
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0b094e88

Branch: refs/heads/3.1.x-fixes
Commit: 0b094e88f775dc10caea0b85a52dcc21ef45300c
Parents: e632d68
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:13:42 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:13:42 2017 +0100

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/0b094e88/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index a184639..d09c806 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -439,6 +439,7 @@ M 955fd4b7fee79642934a828b7758ce14f783364a
 M 9a9e0a8a37608195c4ef6fbf386728d13d025d2d
 M 9b2bda583c09861c693122ab631c4bffa2187ddd
 M 9b816a21d8b85cc051be59a8ab6e968c5d0d
+M 9c6f0b8ef0a00887d11706771c88b0a28c818b9a
 M 9cd3116cbdbbfb139f40ad2d9e49cec1adf08a08
 M 9d3c46e0cfe87700d7105ee131c3e3e33f228e06
 M 9d64bcedb508732cdc377312f0fb433ee1dc630e

[1/5] cxf git commit: Removing unused file

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 3fd465a1b -> 0b094e88f


Removing unused file


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d32aab3c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d32aab3c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d32aab3c

Branch: refs/heads/3.1.x-fixes
Commit: d32aab3cb2d834b61e95f32c586218056a5a4014
Parents: 3fd465a
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 11:55:24 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:13:39 2017 +0100

--
 systests/ws-security/src/test/resources/kerberos.jaas | 8 
 1 file changed, 8 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d32aab3c/systests/ws-security/src/test/resources/kerberos.jaas
--
diff --git a/systests/ws-security/src/test/resources/kerberos.jaas 
b/systests/ws-security/src/test/resources/kerberos.jaas
deleted file mode 100644
index b773cf6..000
--- a/systests/ws-security/src/test/resources/kerberos.jaas
+++ /dev/null
@@ -1,8 +0,0 @@
-
-alice {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" 
principal="alice";
-};
-
-bob {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" 
principal="bob/service.ws.apache.org";
-};

[2/5] cxf git commit: Adding signature negative tests for WS-Security, client + server side

2017-03-28 Thread coheigea 
Adding signature negative tests for WS-Security, client + server side


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f05a4156
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f05a4156
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f05a4156

Branch: refs/heads/3.1.x-fixes
Commit: f05a41565bb5e27b15a00e75c704b41e59789e39
Parents: d32aab3
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 12:18:54 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:13:40 2017 +0100

--
 .../cxf/systest/ws/action/ActionTest.java   | 112 +++
 .../ws/common/KeystorePasswordCallback.java |   2 +
 .../src/test/resources/bethal.properties|  24 
 .../cxf/systest/ws/action/DoubleItAction.wsdl   |  12 ++
 .../org/apache/cxf/systest/ws/action/client.xml | 104 +
 .../org/apache/cxf/systest/ws/action/server.xml | 104 +
 .../src/test/resources/truststore.properties|  23 
 7 files changed, 381 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/f05a4156/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
index 2a67c22..9d86f62 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
@@ -291,4 +291,116 @@ public class ActionTest extends 
AbstractBusClientServerTestBase {
 ((java.io.Closeable)port).close();
 bus.shutdown(true);
 }
+
+@org.junit.Test
+public void testSignatureNegativeClient() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeClientStreaming() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort2");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeServer() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeServerPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the service doesn't trust the

[4/5] cxf git commit: Fixing tests

2017-03-28 Thread coheigea 
Fixing tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e632d680
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e632d680
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e632d680

Branch: refs/heads/3.1.x-fixes
Commit: e632d68027186cecd1e45261bdb250f32019c013
Parents: af69b53
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:10:51 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:13:42 2017 +0100

--
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 
 1 file changed, 10 insertions(+), 16 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/e632d680/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
index 94084a6..3d55f31 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
@@ -279,7 +279,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 if (!useKeyInfo) {
 sigInInterceptor.setSignatureVerificationAlias("alice");
 }
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 if (enveloping) {
@@ -295,19 +295,13 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 WebClient wc = bean.createWebClient();
 
WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L);
-try {
-Book book;
-if (!fromResponse) {
-book = wc.post(new Book("CXF", 126L), Book.class);
-} else {
-book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
-}
-assertEquals(126L, book.getId());
-} catch (WebApplicationException ex) {
-fail(ex.getMessage());
-} catch (ProcessingException ex) {
-assertTrue(ex.getCause() instanceof BadRequestException);
+Book book;
+if (!fromResponse) {
+book = wc.post(new Book("CXF", 126L), Book.class);
+} else {
+book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
 }
+assertEquals(126L, book.getId());
 }
 
 @Test
@@ -336,7 +330,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -381,7 +375,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -577,7 +571,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
 encInInterceptor.setRequireEncryption(true);
-bean.getInInterceptors().add(encInInterceptor);
+bean.setProvider(encInInterceptor);
 } else {
 if (sign) {
 bean.getOutInterceptors().add(new XmlSigOutInterceptor());

[3/5] cxf git commit: Adding some negative tests for trust verification for rs-security

2017-03-28 Thread coheigea 
Adding some negative tests for trust verification for rs-security


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/af69b53d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/af69b53d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/af69b53d

Branch: refs/heads/3.1.x-fixes
Commit: af69b53d8460c7c80546afb8ae56dd086a807a6f
Parents: f05a415
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:04:16 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:13:41 2017 +0100

--
 .../security/xml/AbstractXmlSecInHandler.java   |  6 +-
 .../rs/security/xml/XmlSecInInterceptor.java| 20 ++---
 .../security/saml/KeystorePasswordCallback.java |  4 +
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 
 .../systest/jaxrs/security/bethal.properties| 24 ++
 .../systest/jaxrs/security/morpit.properties| 21 +
 .../jaxrs/security/morpittrust.properties   | 23 +
 .../cxf/systest/jaxrs/security/xml/server.xml   | 32 +++
 .../systest/jaxrs/security/xml/stax-server.xml  | 34 +++-
 9 files changed, 242 insertions(+), 12 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/af69b53d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
index 8d79b1c..27bc803 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
@@ -96,7 +96,11 @@ public abstract class AbstractXmlSecInHandler {
 }
 
 protected void throwFault(String error, Exception ex) {
-LOG.warning(error);
+StringBuilder log = new StringBuilder(error);
+if (ex != null) {
+log = log.append(" - ").append(ex.getMessage());
+}
+LOG.warning(log.toString());
 Response response = 
JAXRSUtils.toResponseBuilder(400).entity(error).build();
 throw ExceptionUtils.toBadRequestException(null, response);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/af69b53d/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 19a7457..3341793 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -106,9 +106,9 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 message.getInterceptorChain().add(
   new StaxActionInInterceptor(requireSignature, 
requireEncryption));
 }
-
+
 private void prepareMessage(Message inMsg) throws Fault {
-
+
 XMLStreamReader originalXmlStreamReader = 
inMsg.getContent(XMLStreamReader.class);
 if (originalXmlStreamReader == null) {
 InputStream is = inMsg.getContent(InputStream.class);
@@ -147,7 +147,7 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 return "GET".equals(method) && !MessageUtils.isRequestor(message);
 }
 
-
+
 private void configureDecryptionKeys(Message message, 
XMLSecurityProperties properties)
 throws IOException,
 UnsupportedCallbackException, WSSecurityException {
@@ -311,8 +311,8 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 new TrustValidator().validateTrust(sigCrypto, cert, publicKey, 
getSubjectContraints(msg));
 } catch (WSSecurityException e) {
-throw new XMLSecurityException("empty", new Object[] {"Error 
during Signature Trust "
-   + "validation: " + 
e.getMessage()});
+String error = "Signature validation failed";
+throw new XMLSecurityException("empty", new Object[] {error});
 }
 
 if (persistSignature) {
@@ -408,19 +408,19 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 @Override
 public Object aroundReadFrom(ReaderInterceptorContext ctx) throws 
IOException, WebApplicationException {
 Message

[3/4] cxf git commit: Adding some negative tests for trust verification for rs-security

2017-03-28 Thread coheigea 
Adding some negative tests for trust verification for rs-security


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9c6f0b8e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9c6f0b8e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9c6f0b8e

Branch: refs/heads/master
Commit: 9c6f0b8ef0a00887d11706771c88b0a28c818b9a
Parents: 2a72afa
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:04:16 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:04:16 2017 +0100

--
 .../security/xml/AbstractXmlSecInHandler.java   |  6 +-
 .../rs/security/xml/XmlSecInInterceptor.java| 20 ++---
 .../security/saml/KeystorePasswordCallback.java |  4 +
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 90 
 .../systest/jaxrs/security/bethal.properties| 24 ++
 .../systest/jaxrs/security/morpit.properties| 21 +
 .../jaxrs/security/morpittrust.properties   | 23 +
 .../cxf/systest/jaxrs/security/xml/server.xml   | 32 +++
 .../systest/jaxrs/security/xml/stax-server.xml  | 34 +++-
 9 files changed, 242 insertions(+), 12 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/9c6f0b8e/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
index caa898b..24bac79 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
@@ -96,7 +96,11 @@ public abstract class AbstractXmlSecInHandler {
 }
 
 protected void throwFault(String error, Exception ex) {
-LOG.warning(error);
+StringBuilder log = new StringBuilder(error);
+if (ex != null) {
+log = log.append(" - ").append(ex.getMessage());
+}
+LOG.warning(log.toString());
 Response response = 
JAXRSUtils.toResponseBuilder(400).entity(error).build();
 throw ExceptionUtils.toBadRequestException(null, response);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/9c6f0b8e/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 403a07e..4514051 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -106,9 +106,9 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 message.getInterceptorChain().add(
   new StaxActionInInterceptor(requireSignature, 
requireEncryption));
 }
-
+
 private void prepareMessage(Message inMsg) throws Fault {
-
+
 XMLStreamReader originalXmlStreamReader = 
inMsg.getContent(XMLStreamReader.class);
 if (originalXmlStreamReader == null) {
 InputStream is = inMsg.getContent(InputStream.class);
@@ -147,7 +147,7 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 return "GET".equals(method) && !MessageUtils.isRequestor(message);
 }
 
-
+
 private void configureDecryptionKeys(Message message, 
XMLSecurityProperties properties)
 throws IOException,
 UnsupportedCallbackException, WSSecurityException {
@@ -311,8 +311,8 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 new TrustValidator().validateTrust(sigCrypto, cert, publicKey,
getSubjectContraints(msg));
 } catch (WSSecurityException e) {
-throw new XMLSecurityException("empty", new Object[] {"Error 
during Signature Trust "
-   + "validation: " + 
e.getMessage()});
+String error = "Signature validation failed";
+throw new XMLSecurityException("empty", new Object[] {error});
 }
 
 if (persistSignature) {
@@ -408,19 +408,19 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 @Override
 public Object aroundReadFrom(ReaderInterceptorContext ctx) throws 
IOException, WebApplicationException {
 Message message =

[1/4] cxf git commit: Removing unused file

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/master 08a1bd83c -> 0ffcd507e


Removing unused file


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d3bf25c3
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d3bf25c3
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d3bf25c3

Branch: refs/heads/master
Commit: d3bf25c3b1ab874fbc7609b98f2f88b545707ceb
Parents: 08a1bd8
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 11:55:24 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 12:57:09 2017 +0100

--
 systests/ws-security/src/test/resources/kerberos.jaas | 8 
 1 file changed, 8 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d3bf25c3/systests/ws-security/src/test/resources/kerberos.jaas
--
diff --git a/systests/ws-security/src/test/resources/kerberos.jaas 
b/systests/ws-security/src/test/resources/kerberos.jaas
deleted file mode 100644
index b773cf6..000
--- a/systests/ws-security/src/test/resources/kerberos.jaas
+++ /dev/null
@@ -1,8 +0,0 @@
-
-alice {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true keyTab="/etc/alice.keytab" 
principal="alice";
-};
-
-bob {
-com.sun.security.auth.module.Krb5LoginModule required 
refreshKrb5Config=true useKeyTab=true storeKey=true keyTab="/etc/bob.keytab" 
principal="bob/service.ws.apache.org";
-};

[2/4] cxf git commit: Adding signature negative tests for WS-Security, client + server side

2017-03-28 Thread coheigea 
Adding signature negative tests for WS-Security, client + server side


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2a72afa8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2a72afa8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2a72afa8

Branch: refs/heads/master
Commit: 2a72afa837e4ff0b58425cc5ca57b711fe5b711a
Parents: d3bf25c
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 12:18:54 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 12:57:10 2017 +0100

--
 .../cxf/systest/ws/action/ActionTest.java   | 112 +++
 .../ws/common/KeystorePasswordCallback.java |   2 +
 .../src/test/resources/bethal.properties|  24 
 .../cxf/systest/ws/action/DoubleItAction.wsdl   |  12 ++
 .../org/apache/cxf/systest/ws/action/client.xml | 104 +
 .../org/apache/cxf/systest/ws/action/server.xml | 104 +
 .../src/test/resources/truststore.properties|  23 
 7 files changed, 381 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/2a72afa8/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
--
diff --git 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
index 8cf0fc0..e577738 100644
--- 
a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
+++ 
b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/action/ActionTest.java
@@ -291,4 +291,116 @@ public class ActionTest extends 
AbstractBusClientServerTestBase {
 ((java.io.Closeable)port).close();
 bus.shutdown(true);
 }
+
+@org.junit.Test
+public void testSignatureNegativeClient() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeClientStreaming() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeClientPort2");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the client doesn't trust the cert of the 
service");
+} catch (javax.xml.ws.soap.SOAPFaultException ex) {
+// expected
+}
+
+((java.io.Closeable)port).close();
+bus.shutdown(true);
+}
+
+@org.junit.Test
+public void testSignatureNegativeServer() throws Exception {
+
+SpringBusFactory bf = new SpringBusFactory();
+URL busFile = ActionTest.class.getResource("client.xml");
+
+Bus bus = bf.createBus(busFile.toString());
+SpringBusFactory.setDefaultBus(bus);
+SpringBusFactory.setThreadDefaultBus(bus);
+
+URL wsdl = ActionTest.class.getResource("DoubleItAction.wsdl");
+Service service = Service.create(wsdl, SERVICE_QNAME);
+QName portQName = new QName(NAMESPACE, 
"DoubleItSignatureNegativeServerPort");
+DoubleItPortType port =
+service.getPort(portQName, DoubleItPortType.class);
+updateAddressPort(port, PORT);
+
+try {
+port.doubleIt(25);
+fail("Failure expected as the service doesn't trust the

[4/4] cxf git commit: Fixing tests

2017-03-28 Thread coheigea 
Fixing tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0ffcd507
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0ffcd507
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0ffcd507

Branch: refs/heads/master
Commit: 0ffcd507e0f7bc5c33ddb819a474426035948c6d
Parents: 9c6f0b8
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 13:10:51 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 13:10:51 2017 +0100

--
 .../jaxrs/security/xml/JAXRSXmlSecTest.java | 26 
 1 file changed, 10 insertions(+), 16 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/0ffcd507/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
--
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
index 6942508..67abc0c 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/xml/JAXRSXmlSecTest.java
@@ -279,7 +279,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 if (!useKeyInfo) {
 sigInInterceptor.setSignatureVerificationAlias("alice");
 }
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 if (enveloping) {
@@ -295,19 +295,13 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 WebClient wc = bean.createWebClient();
 
WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000L);
-try {
-Book book;
-if (!fromResponse) {
-book = wc.post(new Book("CXF", 126L), Book.class);
-} else {
-book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
-}
-assertEquals(126L, book.getId());
-} catch (WebApplicationException ex) {
-fail(ex.getMessage());
-} catch (ProcessingException ex) {
-assertTrue(ex.getCause() instanceof BadRequestException);
+Book book;
+if (!fromResponse) {
+book = wc.post(new Book("CXF", 126L), Book.class);
+} else {
+book = wc.post(new Book("CXF", 126L)).readEntity(Book.class);
 }
+assertEquals(126L, book.getId());
 }
 
 @Test
@@ -336,7 +330,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -381,7 +375,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor sigInInterceptor = new XmlSecInInterceptor();
 sigInInterceptor.setRequireSignature(true);
-bean.getInInterceptors().add(sigInInterceptor);
+bean.setProvider(sigInInterceptor);
 } else {
 XmlSigOutInterceptor sigOutInterceptor = new 
XmlSigOutInterceptor();
 bean.getOutInterceptors().add(sigOutInterceptor);
@@ -577,7 +571,7 @@ public class JAXRSXmlSecTest extends 
AbstractBusClientServerTestBase {
 
 XmlSecInInterceptor encInInterceptor = new XmlSecInInterceptor();
 encInInterceptor.setRequireEncryption(true);
-bean.getInInterceptors().add(encInInterceptor);
+bean.setProvider(encInInterceptor);
 } else {
 if (sign) {
 bean.getOutInterceptors().add(new XmlSigOutInterceptor());

cxf git commit: Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 1444d9873 -> 3fd465a1b


Another hack to address the limitation of the response body being read after 
the chain completes on the jaxrs client side


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3fd465a1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3fd465a1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3fd465a1

Branch: refs/heads/3.1.x-fixes
Commit: 3fd465a1b74c19e819a794ff89227af2c0d268f5
Parents: 1444d98
Author: Sergey Beryozkin 
Authored: Tue Mar 28 12:20:51 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 12:22:27 2017 +0100

--
 .../java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java   | 4 
 .../java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/3fd465a1/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
--
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
index caf8139..2b69400 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
@@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl {
 public Collection getPropertyNames() {
 return holder.getPropertyNames();
 }
+
+public Message getMessage() {
+return m;
+}
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/3fd465a1/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 3ce1047..19a7457 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -44,6 +44,7 @@ import javax.xml.stream.XMLStreamReader;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.StaxInInterceptor;
+import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
@@ -406,7 +407,8 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 
 @Override
 public Object aroundReadFrom(ReaderInterceptorContext ctx) throws 
IOException, WebApplicationException {
-Message message = JAXRSUtils.getCurrentMessage();
+Message message = ((ReaderInterceptorContextImpl)ctx).getMessage();
+
 if (isServerGet(message)) {
 return ctx.proceed();
 } else {

cxf git commit: Another hack to address the limitation of the response body being read after the chain completes on the jaxrs client side

2017-03-28 Thread sergeyb 
Repository: cxf
Updated Branches:
  refs/heads/master 48c6da4be -> 08a1bd83c


Another hack to address the limitation of the response body being read after 
the chain completes on the jaxrs client side


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/08a1bd83
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/08a1bd83
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/08a1bd83

Branch: refs/heads/master
Commit: 08a1bd83c2a6a069a1a5c5fa45a4fe1236d4fb95
Parents: 48c6da4
Author: Sergey Beryozkin 
Authored: Tue Mar 28 12:20:51 2017 +0100
Committer: Sergey Beryozkin 
Committed: Tue Mar 28 12:20:51 2017 +0100

--
 .../java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java   | 4 
 .../java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/08a1bd83/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
--
diff --git 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
index bf34a35..af45a2d 100644
--- 
a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
+++ 
b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/AbstractPropertiesImpl.java
@@ -47,4 +47,8 @@ public abstract class AbstractPropertiesImpl {
 public Collection getPropertyNames() {
 return holder.getPropertyNames();
 }
+
+public Message getMessage() {
+return m;
+}
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/08a1bd83/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
--
diff --git 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 2d4014e..403a07e 100644
--- 
a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ 
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -44,6 +44,7 @@ import javax.xml.stream.XMLStreamReader;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.StaxInInterceptor;
+import org.apache.cxf.jaxrs.impl.ReaderInterceptorContextImpl;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
@@ -406,7 +407,8 @@ public class XmlSecInInterceptor extends 
AbstractPhaseInterceptor imple
 
 @Override
 public Object aroundReadFrom(ReaderInterceptorContext ctx) throws 
IOException, WebApplicationException {
-Message message = JAXRSUtils.getCurrentMessage();
+Message message = ((ReaderInterceptorContextImpl)ctx).getMessage();
+
 if (isServerGet(message)) {
 return ctx.proceed();
 } else {

cxf git commit: CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 42eca6f9c -> 1444d9873


CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of 
encryption-crypto-provider


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1444d987
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1444d987
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1444d987

Branch: refs/heads/3.1.x-fixes
Commit: 1444d98730b69b95b00067a33e6255d069e0bec1
Parents: 42eca6f
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 08:07:11 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 08:09:00 2017 +0100

--
 .../cxf/sts/token/validator/X509TokenValidator.java| 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/1444d987/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
--
diff --git 
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
 
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
index 276d3fd..d32b510 100644
--- 
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
+++ 
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
@@ -113,11 +113,16 @@ public class X509TokenValidator implements TokenValidator 
{
 public TokenValidatorResponse validateToken(TokenValidatorParameters 
tokenParameters) {
 LOG.fine("Validating X.509 Token");
 STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
-Crypto sigCrypto = stsProperties.getSignatureCrypto();
 CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
 
+// See CXF-4028
+Crypto crypto = stsProperties.getEncryptionCrypto();
+if (crypto == null) {
+crypto = stsProperties.getSignatureCrypto();
+}
+
 RequestData requestData = new RequestData();
-requestData.setSigVerCrypto(sigCrypto);
+requestData.setSigVerCrypto(crypto);
 requestData.setWssConfig(WSSConfig.getNewInstance());
 requestData.setCallbackHandler(callbackHandler);
 requestData.setMsgContext(tokenParameters.getMessageContext());
@@ -177,8 +182,8 @@ public class X509TokenValidator implements TokenValidator {
 try {
 Credential credential = new Credential();
 credential.setBinarySecurityToken(binarySecurity);
-if (sigCrypto != null) {
-X509Certificate cert = 
((X509Security)binarySecurity).getX509Certificate(sigCrypto);
+if (crypto != null) {
+X509Certificate cert = 
((X509Security)binarySecurity).getX509Certificate(crypto);
 credential.setCertificates(new X509Certificate[]{cert});
 }

cxf git commit: Recording .gitmergeinfo Changes

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 9a12fe80b -> 491a6e81e


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/491a6e81
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/491a6e81
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/491a6e81

Branch: refs/heads/3.0.x-fixes
Commit: 491a6e81e4300a1959d278ac00fd02028c7d3144
Parents: 9a12fe8
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 08:09:20 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 08:09:20 2017 +0100

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/491a6e81/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index 90b8ebd..6580322 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -119,6 +119,7 @@ B 13dfe0f9fcaa0aee4c603072436d85861a0ab734
 B 13e01e23ea87ea5b06953f18bef4b173fca55b4d
 B 13fa5dc1ffebe4e63a27f17528598925af04d570
 B 105de684d0a266cbbfbb415e09121412d577
+B 1444d98730b69b95b00067a33e6255d069e0bec1
 B 1487fccd43c3bcc463f12cdc1573cde68323f8b6
 B 14ed2e2c44b6da7641c95fb57212f8b5a5e77f3d
 B 150213cac13dc342e9c0a6559f5856edf85e660d

cxf git commit: CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider

2017-03-28 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/master f81032919 -> 48c6da4be


CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of 
encryption-crypto-provider


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/48c6da4b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/48c6da4b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/48c6da4b

Branch: refs/heads/master
Commit: 48c6da4bec8743d65740e7ab02ce4ca0f696c384
Parents: f810329
Author: Colm O hEigeartaigh 
Authored: Tue Mar 28 08:07:11 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Mar 28 08:07:11 2017 +0100

--
 .../cxf/sts/token/validator/X509TokenValidator.java| 13 +
 1 file changed, 9 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/48c6da4b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
--
diff --git 
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
 
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
index e604f7f..e89ac12 100644
--- 
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
+++ 
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
@@ -113,11 +113,16 @@ public class X509TokenValidator implements TokenValidator 
{
 public TokenValidatorResponse validateToken(TokenValidatorParameters 
tokenParameters) {
 LOG.fine("Validating X.509 Token");
 STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
-Crypto sigCrypto = stsProperties.getSignatureCrypto();
 CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
 
+// See CXF-4028
+Crypto crypto = stsProperties.getEncryptionCrypto();
+if (crypto == null) {
+crypto = stsProperties.getSignatureCrypto();
+}
+
 RequestData requestData = new RequestData();
-requestData.setSigVerCrypto(sigCrypto);
+requestData.setSigVerCrypto(crypto);
 requestData.setWssConfig(WSSConfig.getNewInstance());
 requestData.setCallbackHandler(callbackHandler);
 requestData.setMsgContext(tokenParameters.getMessageContext());
@@ -177,8 +182,8 @@ public class X509TokenValidator implements TokenValidator {
 try {
 Credential credential = new Credential();
 credential.setBinarySecurityToken(binarySecurity);
-if (sigCrypto != null) {
-X509Certificate cert = 
((X509Security)binarySecurity).getX509Certificate(sigCrypto);
+if (crypto != null) {
+X509Certificate cert = 
((X509Security)binarySecurity).getX509Certificate(crypto);
 credential.setCertificates(new X509Certificate[]{cert});
 }