[1/2] cxf git commit: Introducing new security constants to be shared between SOAP + REST code
Repository: cxf Updated Branches: refs/heads/master 5f5db6440 - 5faf18226 http://git-wip-us.apache.org/repos/asf/cxf/blob/5faf1822/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java index 345e237..34d7cb1 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/UsernameTokenInterceptor.java @@ -151,7 +151,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor { private SecurityContext createSecurityContext(Message msg, SamlAssertionWrapper samlAssertion) { String roleAttributeName = - (String)msg.getContextualProperty(SecurityConstants.SAML_ROLE_ATTRIBUTENAME); + (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.SAML_ROLE_ATTRIBUTENAME, msg); if (roleAttributeName == null || roleAttributeName.length() == 0) { roleAttributeName = WSS4JInInterceptor.SAML_ROLE_ATTRIBUTENAME_DEFAULT; } @@ -198,7 +198,7 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor { WSDocInfo wsDocInfo = new WSDocInfo(tokenElement.getOwnerDocument()); RequestData data = new CXFRequestData(); -Object o = message.getContextualProperty(SecurityConstants.CALLBACK_HANDLER); +Object o = SecurityUtils.getSecurityPropertyValue(SecurityConstants.CALLBACK_HANDLER, message); try { data.setCallbackHandler(SecurityUtils.getCallbackHandler(o)); } catch (Exception ex) { @@ -389,7 +389,8 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor { protected WSSecUsernameToken addUsernameToken(SoapMessage message, UsernameToken token) { -String userName = (String)message.getContextualProperty(SecurityConstants.USERNAME); +String userName = + (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.USERNAME, message); WSSConfig wssConfig = (WSSConfig)message.getContextualProperty(WSSConfig.class.getName()); if (wssConfig == null) { wssConfig = WSSConfig.getNewInstance(); @@ -406,7 +407,8 @@ public class UsernameTokenInterceptor extends AbstractTokenInterceptor { return utBuilder; } -String password = (String)message.getContextualProperty(SecurityConstants.PASSWORD); +String password = + (String)SecurityUtils.getSecurityPropertyValue(SecurityConstants.PASSWORD, message); if (StringUtils.isEmpty(password)) { password = getPassword(userName, token, WSPasswordCallback.USERNAME_TOKEN, message); } http://git-wip-us.apache.org/repos/asf/cxf/blob/5faf1822/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java index 111c93f..bed0c11 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java @@ -265,7 +265,8 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor { *isn't available */ boolean enableRevocation = reqData.isRevocationEnabled() -|| MessageUtils.isTrue(msg.getContextualProperty(SecurityConstants.ENABLE_REVOCATION)); +|| MessageUtils.isTrue(SecurityUtils.getSecurityPropertyValue(SecurityConstants.ENABLE_REVOCATION, + msg)); reqData.setEnableRevocation(enableRevocation); Element soapBody = SAAJUtils.getBody(doc); @@ -337,10 +338,12 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor { private void configureAudienceRestriction(SoapMessage msg, RequestData reqData) { // Add Audience Restrictions for SAML -boolean enableAudienceRestriction = -MessageUtils.getContextualBoolean(msg, - SecurityConstants.AUDIENCE_RESTRICTION_VALIDATION, - true); +boolean enableAudienceRestriction = true; +String audRestrValStr = +
[2/2] cxf git commit: Introducing new security constants to be shared between SOAP + REST code
Introducing new security constants to be shared between SOAP + REST code Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5faf1822 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5faf1822 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5faf1822 Branch: refs/heads/master Commit: 5faf182264c64bd3c0abc0addc9746b64492c864 Parents: 5f5db64 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Apr 14 14:41:59 2015 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Apr 14 14:41:59 2015 +0100 -- .../grants/saml/Saml2BearerGrantHandler.java| 2 +- .../saml/sso/AbstractServiceProviderFilter.java | 5 +- rt/rs/security/xml/pom.xml | 8 +- .../cxf/rs/security/common/CryptoLoader.java| 5 +- .../cxf/rs/security/common/SecurityUtils.java | 19 +- .../rs/security/saml/AbstractSamlInHandler.java | 30 ++- .../apache/cxf/rs/security/saml/SAMLUtils.java | 2 +- .../security/xml/AbstractXmlEncInHandler.java | 3 +- .../security/xml/AbstractXmlSigInHandler.java | 2 +- .../rs/security/xml/XmlEncOutInterceptor.java | 6 +- .../rs/security/xml/XmlSecInInterceptor.java| 2 +- .../rs/security/xml/XmlSecOutInterceptor.java | 5 +- .../rs/security/xml/XmlSigOutInterceptor.java | 3 +- .../cxf/rt/security/SecurityConstants.java | 211 +++ .../cxf/rt/security/utils/SecurityUtils.java| 12 ++ .../cxf/ws/security/SecurityConstants.java | 166 ++- .../cxf/ws/security/kerberos/KerberosUtils.java | 2 +- .../SpnegoContextTokenInInterceptor.java| 2 +- .../SpnegoContextTokenOutInterceptor.java | 2 +- .../ws/security/trust/AbstractSTSClient.java| 3 + .../trust/AuthPolicyValidatingInterceptor.java | 3 +- .../cxf/ws/security/trust/STSLoginModule.java | 4 +- .../delegation/WSSUsernameCallbackHandler.java | 4 +- .../wss4j/AbstractTokenInterceptor.java | 2 +- .../wss4j/AbstractWSS4JInterceptor.java | 16 +- .../wss4j/AbstractWSS4JStaxInterceptor.java | 9 +- .../wss4j/BinarySecurityTokenInterceptor.java | 2 +- .../wss4j/PolicyBasedWSS4JInInterceptor.java| 26 +-- .../PolicyBasedWSS4JStaxInInterceptor.java | 25 +-- .../PolicyBasedWSS4JStaxOutInterceptor.java | 25 +-- .../ws/security/wss4j/SamlTokenInterceptor.java | 14 +- .../wss4j/StaxSecurityContextInInterceptor.java | 5 +- .../wss4j/UsernameTokenInterceptor.java | 10 +- .../ws/security/wss4j/WSS4JInInterceptor.java | 44 ++-- .../security/wss4j/WSS4JStaxInInterceptor.java | 13 +- .../security/wss4j/WSS4JStaxOutInterceptor.java | 9 +- .../policyhandlers/AbstractBindingBuilder.java | 47 +++-- .../AbstractStaxBindingHandler.java | 11 +- .../StaxAsymmetricBindingHandler.java | 6 +- .../StaxSymmetricBindingHandler.java| 6 +- .../policyhandlers/TransportBindingHandler.java | 4 +- .../crypto/provider/CryptoProviderUtils.java| 2 +- .../security/saml/SamlCallbackHandler.java | 2 +- 43 files changed, 469 insertions(+), 310 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/5faf1822/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java index 6a29910..94d49aa 100644 --- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java @@ -52,11 +52,11 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils; import org.apache.cxf.rs.security.saml.authorization.SecurityContextProvider; import org.apache.cxf.rs.security.saml.authorization.SecurityContextProviderImpl; +import org.apache.cxf.rt.security.SecurityConstants; import org.apache.cxf.rt.security.saml.claims.SAMLSecurityContext; import org.apache.cxf.security.SecurityContext; import org.apache.cxf.security.transport.TLSSessionInfo; import org.apache.cxf.staxutils.StaxUtils; -import org.apache.cxf.ws.security.SecurityConstants; import org.apache.wss4j.common.saml.SAMLKeyInfo; import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper;
cxf git commit: Add initial support for a SAML SSO Metadata service
Repository: cxf Updated Branches: refs/heads/master e5d98fd24 - bc752dc5b Add initial support for a SAML SSO Metadata service Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bc752dc5 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bc752dc5 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bc752dc5 Branch: refs/heads/master Commit: bc752dc5bd89b5d70d00435fc1185e72659d7e4d Parents: e5d98fd Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Apr 14 17:16:16 2015 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Apr 14 17:16:16 2015 +0100 -- .../security/saml/sso/AbstractSSOSpHandler.java | 18 ++ .../saml/sso/AbstractServiceProviderFilter.java | 18 -- .../rs/security/saml/sso/MetadataService.java | 104 .../rs/security/saml/sso/MetadataWriter.java| 263 +++ .../cxf/rs/security/saml/sso/SSOConstants.java | 6 + 5 files changed, 391 insertions(+), 18 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/bc752dc5/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java -- diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java index 6c02ed3..dd0a516 100644 --- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java +++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractSSOSpHandler.java @@ -46,6 +46,7 @@ public class AbstractSSOSpHandler { private String signaturePropertiesFile; private CallbackHandler callbackHandler; private String callbackHandlerClass; +private String signatureUsername; static { OpenSAMLUtil.initSamlEngine(); @@ -185,4 +186,21 @@ public class AbstractSSOSpHandler { return callbackHandler; } +/** + * Set the username/alias to use to sign any request + * @param signatureUsername the username/alias to use to sign any request + */ +public void setSignatureUsername(String signatureUsername) { +this.signatureUsername = signatureUsername; +LOG.fine(Setting signatureUsername: + signatureUsername); +} + +/** + * Get the username/alias to use to sign any request + * @return the username/alias to use to sign any request + */ +public String getSignatureUsername() { +return signatureUsername; +} + } http://git-wip-us.apache.org/repos/asf/cxf/blob/bc752dc5/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java -- diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java index ac64188..fe9ef86 100644 --- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java +++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/AbstractServiceProviderFilter.java @@ -79,7 +79,6 @@ public abstract class AbstractServiceProviderFilter extends AbstractSSOSpHandler private String assertionConsumerServiceAddress; private AuthnRequestBuilder authnRequestBuilder = new DefaultAuthnRequestBuilder(); private boolean signRequest; -private String signatureUsername; private String webAppDomain; private boolean addWebAppContext = true; @@ -118,23 +117,6 @@ public abstract class AbstractServiceProviderFilter extends AbstractSSOSpHandler return idpServiceAddress; } -/** - * Set the username/alias to use to sign any request - * @param signatureUsername the username/alias to use to sign any request - */ -public void setSignatureUsername(String signatureUsername) { -this.signatureUsername = signatureUsername; -LOG.fine(Setting signatureUsername: + signatureUsername); -} - -/** - * Get the username/alias to use to sign any request - * @return the username/alias to use to sign any request - */ -public String getSignatureUsername() { -return signatureUsername; -} - @PreDestroy public void close() { super.close(); http://git-wip-us.apache.org/repos/asf/cxf/blob/bc752dc5/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/MetadataService.java
cxf-fediz git commit: Cleaning up Metadata a bit
Repository: cxf-fediz Updated Branches: refs/heads/master 3957617a1 - 541c991fa Cleaning up Metadata a bit Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/541c991f Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/541c991f Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/541c991f Branch: refs/heads/master Commit: 541c991fae9917853ba59c44002dbf1e5c2b4b10 Parents: 3957617 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Apr 14 16:22:53 2015 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Apr 14 16:22:53 2015 +0100 -- .../cxf/fediz/service/idp/MetadataServlet.java | 2 +- .../fediz/service/idp/util/MetadataWriter.java | 156 ++- 2 files changed, 82 insertions(+), 76 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/541c991f/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java index 5d76072..b0fbdb8 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java @@ -61,7 +61,7 @@ public class MetadataServlet extends HttpServlet { Idp idpConfig = cs.getIDP(realm); LOG.debug(idpConfig.toString()); MetadataWriter mw = new MetadataWriter(); -Document metadata = mw.getMetaData(idpConfig); +Document metadata = mw.getMetaData(idpConfig); out.write(DOM2Writer.nodeToString(metadata)); } catch (Exception ex) { LOG.error(Failed to get metadata document: , ex); http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/541c991f/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/MetadataWriter.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/MetadataWriter.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/MetadataWriter.java index bcc7e37..88f0547 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/MetadataWriter.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/util/MetadataWriter.java @@ -28,10 +28,10 @@ import java.security.cert.X509Certificate; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.stream.XMLOutputFactory; +import javax.xml.stream.XMLStreamException; import javax.xml.stream.XMLStreamWriter; import org.w3c.dom.Document; - import org.apache.cxf.fediz.core.util.CertsUtils; import org.apache.cxf.fediz.core.util.SignatureUtils; import org.apache.cxf.fediz.service.idp.domain.Claim; @@ -62,7 +62,6 @@ public class MetadataWriter { public Document getMetaData(Idp config) throws RuntimeException { //Return as text/xml try { - Crypto crypto = CertsUtils.createCrypto(config.getCertificate()); ByteArrayOutputStream bout = new ByteArrayOutputStream(4096); @@ -82,86 +81,14 @@ public class MetadataWriter { writer.writeNamespace(wsa, WS_ADDRESSING_NS); writer.writeNamespace(auth, WS_FEDERATION_NS); writer.writeNamespace(xsi, SCHEMA_INSTANCE_NS); - -writer.writeStartElement(md, RoleDescriptor, WS_FEDERATION_NS); -writer.writeAttribute(SCHEMA_INSTANCE_NS, type, fed:SecurityTokenServiceType); -writer.writeAttribute(protocolSupportEnumeration, WS_FEDERATION_NS); -if (config.getServiceDescription() != null config.getServiceDescription().length() 0 ) { -writer.writeAttribute(ServiceDescription, config.getServiceDescription()); -} -if (config.getServiceDisplayName() != null config.getServiceDisplayName().length() 0 ) { -writer.writeAttribute(ServiceDisplayName, config.getServiceDisplayName()); -} - - //http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd -//missing organization, contactperson -//KeyDescriptor -writer.writeStartElement(, KeyDescriptor, SAML2_METADATA_NS); -writer.writeAttribute(use, signing); -writer.writeStartElement(, KeyInfo, http://www.w3.org/2000/09/xmldsig#;); -writer.writeStartElement(, X509Data, http://www.w3.org/2000/09/xmldsig#;); -writer.writeStartElement(, X509Certificate,
cxf git commit: Renaming SecurityUtils
Repository: cxf Updated Branches: refs/heads/master 5faf18226 - e5d98fd24 Renaming SecurityUtils Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5d98fd2 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5d98fd2 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5d98fd2 Branch: refs/heads/master Commit: e5d98fd24b545920f2453e94a56cd9690582af59 Parents: 5faf182 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Apr 14 15:18:44 2015 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Apr 14 15:18:44 2015 +0100 -- .../grants/saml/Saml2BearerGrantHandler.java| 4 +- .../saml/sso/SAMLProtocolResponseValidator.java | 8 +- .../cxf/rs/security/common/RSSecurityUtils.java | 169 ++ .../cxf/rs/security/common/SecurityUtils.java | 172 --- .../rs/security/saml/AbstractSamlInHandler.java | 6 +- .../apache/cxf/rs/security/saml/SAMLUtils.java | 8 +- .../security/xml/AbstractXmlEncInHandler.java | 14 +- .../security/xml/AbstractXmlSigInHandler.java | 8 +- .../rs/security/xml/XmlEncOutInterceptor.java | 18 +- .../rs/security/xml/XmlSecInInterceptor.java| 8 +- .../rs/security/xml/XmlSecOutInterceptor.java | 16 +- .../rs/security/xml/XmlSigOutInterceptor.java | 10 +- .../security/saml/SamlCallbackHandler.java | 6 +- .../jaxrs/security/xml/JAXRSXmlSecTest.java | 14 +- 14 files changed, 229 insertions(+), 232 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e5d98fd2/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java index 94d49aa..2781f71 100644 --- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java @@ -40,7 +40,7 @@ import org.apache.cxf.message.Message; import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.PhaseInterceptorChain; import org.apache.cxf.rs.security.common.CryptoLoader; -import org.apache.cxf.rs.security.common.SecurityUtils; +import org.apache.cxf.rs.security.common.RSSecurityUtils; import org.apache.cxf.rs.security.oauth2.common.Client; import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken; import org.apache.cxf.rs.security.oauth2.common.UserSubject; @@ -177,7 +177,7 @@ public class Saml2BearerGrantHandler extends AbstractGrantHandler { if (assertion.isSigned()) { WSSConfig cfg = WSSConfig.getNewInstance(); data.setWssConfig(cfg); - data.setCallbackHandler(SecurityUtils.getCallbackHandler(message, this.getClass())); + data.setCallbackHandler(RSSecurityUtils.getCallbackHandler(message, this.getClass())); try { data.setSigVerCrypto(new CryptoLoader().getCrypto(message, SecurityConstants.SIGNATURE_CRYPTO, http://git-wip-us.apache.org/repos/asf/cxf/blob/e5d98fd2/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java -- diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java index c1be9f5..b46ac84 100644 --- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java +++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java @@ -35,7 +35,7 @@ import org.w3c.dom.NodeList; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.Base64Exception; import org.apache.cxf.common.util.Base64Utility; -import org.apache.cxf.rs.security.common.SecurityUtils; +import org.apache.cxf.rs.security.common.RSSecurityUtils; import org.apache.cxf.rs.security.xml.EncryptionUtils; import org.apache.cxf.staxutils.StaxUtils; import org.apache.wss4j.common.WSS4JConstants; @@ -299,7 +299,7 @@ public class SAMLProtocolResponseValidator { protected SAMLKeyInfo createKeyInfoFromDefaultAlias(Crypto sigCrypto)
svn commit: r947659 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-deployment.html
Author: buildbot Date: Tue Apr 14 22:47:18 2015 New Revision: 947659 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-deployment.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-deployment.html == --- websites/production/cxf/content/docs/jax-rs-deployment.html (original) +++ websites/production/cxf/content/docs/jax-rs-deployment.html Tue Apr 14 22:47:18 2015 @@ -116,100 +116,34 @@ Apache CXF -- JAX-RS Deployment td height=100% !-- Content -- div class=wiki-content -div id=ConfluenceContentp/pp/pp/pp/ppspan class=inline-first-p style=font-size:2em;font-weight:bold JAX-RS : Deployment /span/pp/pp/pp/pp/pp/p +div id=ConfluenceContentp#160;/pp#160;/pp#160;/pp#160;/pp#160;span class=inline-first-p style=font-size:2em;font-weight:boldJAX-RS : Deployment/span#160;/pp#160;/pp#160;/pp#160;/pp#160;/ppstyle type=text/css/*![CDATA[*/ +div.rbtoc1429051602799 {padding: 0px;} +div.rbtoc1429051602799 ul {list-style: disc;margin-left: 0px;} +div.rbtoc1429051602799 li {margin-left: 0px;padding-left: 0px;} -style type=text/css/*![CDATA[*/ -div.rbtoc1419015906055 {padding: 0px;} -div.rbtoc1419015906055 ul {list-style: disc;margin-left: 0px;} -div.rbtoc1419015906055 li {margin-left: 0px;padding-left: 0px;} - -/*]]*//stylediv class=toc-macro rbtoc1419015906055 +/*]]*//style/pdiv class=toc-macro rbtoc1429051602799 ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-ServletContainersServlet Containers/a ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-TomcatTomcat/a/li/ul /lilia shape=rect href=#JAX-RSDeployment-ApplicationServersApplication Servers/a ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-GlassfishGlassfish/a/lilia shape=rect href=#JAX-RSDeployment-JBossJBoss/a/lilia shape=rect href=#JAX-RSDeployment-WebLogicWebLogic/a -ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-SpecifyingaWebLogicspecificJSPservletSpecifying a WebLogic specific JSP servlet/a/lilia shape=rect href=#JAX-RSDeployment-CXFRuntimeDelegateCXF RuntimeDelegate/a/lilia shape=rect href=#JAX-RSDeployment-SelectingWoodstoxasthedefaultparserSelecting Woodstox as the default parser/a/li/ul +ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-SpecifyingaWebLogicspecificJSPservletSpecifying a WebLogic specific JSP servlet/a/lilia shape=rect href=#JAX-RSDeployment-CXFRuntimeDelegateCXF RuntimeDelegate/a/lilia shape=rect href=#JAX-RSDeployment-SelectingWoodstoxasthedefaultparserSelecting Woodstox as the default parser/a/lilia shape=rect href=#JAX-RSDeployment-HowtouseCXFJAX-RS2.0ifWebLogicshipsJAX-RS1.1How to use CXF JAX-RS 2.0 if WebLogic ships JAX-RS 1.1/a/li/ul /lilia shape=rect href=#JAX-RSDeployment-GeronimoGeronimo/a ul class=toc-indentationlia shape=rect href=#JAX-RSDeployment-CXFRuntimeDelegate.1CXF RuntimeDelegate/a/li/ul /li/ul /li/ul -/div - -pThis page provides the tips on how to deploy CXF JAX-RS applications packaged as WAR archives or OSGI bundles into Java EE application servers and OSGI containers. /p - -h1 id=JAX-RSDeployment-ServletContainersServlet Containers/h1 -h2 id=JAX-RSDeployment-TomcatTomcat/h2 -p1. System org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASHbr clear=none -and org.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH properties may have to be set to true to support URIs containing encoded forward or backward slashes.br clear=none -2. When using mod_jk - ensure that the JkOptions setting has +ForwardURICompatUnparsed set. br clear=none -3. Windows: upgrade isapi_redirect.dll if you see URI containing encoded spaces being decoded by Tomcat./p - -h1 id=JAX-RSDeployment-ApplicationServersApplication Servers/h1 -h2 id=JAX-RSDeployment-GlassfishGlassfish/h2 - -pstrongVerified with Glassfish Server Open Source Edition 3.1.1/strong/p - -p1. Make sure a cxf-rt-transport-http-jetty dependency is excluded during the war build/p - -p2. If a custom JAX-RS a shape=rect class=external-link href=http://jsr311.java.net/nonav/releases/1.1/index.html; rel=nofollowApplication/a is included thenbr clear=none -use a a shape=rect href=http://cxf.apache.org/docs/jaxrs-services-configuration.html#JAXRSServicesConfiguration-ConfiguringJAXRSservicesincontainerwithoutSpring;CXFNonSpringJaxrsServlet/a to reference the Application implementation class and either br clear=none - 2.1 Disable the Jersey scanning the custom web applications. Setting the following system property may help:br clear=none - -Dcom.sun.enterprise.overrideablejavaxpackages=javax.ws.rs,javax.ws.rs.core,javax.ws.rs.ext/p - -p 2.2 Remove jersey-gf-server.jar from
cxf git commit: Minor update to BearerAuthSupplier
Repository: cxf Updated Branches: refs/heads/master bc752dc5b - 18b46a409 Minor update to BearerAuthSupplier Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/18b46a40 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/18b46a40 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/18b46a40 Branch: refs/heads/master Commit: 18b46a409fd14848871a51cd2cacf6cfaac6b2ed Parents: bc752dc Author: Sergey Beryozkin sberyoz...@talend.com Authored: Tue Apr 14 18:01:07 2015 -0500 Committer: Sergey Beryozkin sberyoz...@talend.com Committed: Tue Apr 14 18:01:07 2015 -0500 -- .../apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/18b46a40/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java index aecc472..3c5310d 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java @@ -31,7 +31,7 @@ public abstract class AbstractAuthSupplier { clientAccessToken.setTokenKey(accessToken); } protected String createAuthorizationHeader() { -return clientAccessToken.getTokenType() + + clientAccessToken.getTokenKey(); +return OAuthClientUtils.createAuthorizationHeader(clientAccessToken); } protected ClientAccessToken getClientAccessToken() { return clientAccessToken;
cxf git commit: Minor update to BearerAuthSupplier
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 624bb36e4 - 1d03ca5c0 Minor update to BearerAuthSupplier Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1d03ca5c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1d03ca5c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1d03ca5c Branch: refs/heads/3.0.x-fixes Commit: 1d03ca5c04d2fe210919cf57a0b0dce820346460 Parents: 624bb36 Author: Sergey Beryozkin sberyoz...@talend.com Authored: Tue Apr 14 18:01:07 2015 -0500 Committer: Sergey Beryozkin sberyoz...@talend.com Committed: Tue Apr 14 18:03:03 2015 -0500 -- .../apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/1d03ca5c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java index aecc472..3c5310d 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java @@ -31,7 +31,7 @@ public abstract class AbstractAuthSupplier { clientAccessToken.setTokenKey(accessToken); } protected String createAuthorizationHeader() { -return clientAccessToken.getTokenType() + + clientAccessToken.getTokenKey(); +return OAuthClientUtils.createAuthorizationHeader(clientAccessToken); } protected ClientAccessToken getClientAccessToken() { return clientAccessToken;