[
https://issues.apache.org/jira/browse/WSS-118?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp closed WSS-118.
---------------------------
Resolution: Fixed
Fix Version/s: 1.5.5
I fixed this this morning, but slightly differently.
I've kept the usage as ENCRYPTED_KEY_TOKEN, but added a "getKeyType()" method
onto the callback so the handler can determine exactly the type of key
requested. This should cover SHA1 and SAML right now and any other type of
key reference found.
> Support for SAML 1.1 SecurityTokenReferences in
> /org/apache/ws/security/processor/DerivedKeyTokenProcessor
> -----------------------------------------------------------------------------------------------------------
>
> Key: WSS-118
> URL: https://issues.apache.org/jira/browse/WSS-118
> Project: WSS4J
> Issue Type: Improvement
> Environment: Trunk
> Reporter: Rasmus Rhein Helwigh
> Assignee: Daniel Kulp
> Fix For: 1.5.5
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> This patch enables handling of SecurityTokenReferences of type SAML_ID_URI
> in DerivedKeyTokenProcessor.
> Index:
> C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java
> ===================================================================
> ---
> C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java
> (revision 654702)
> +++
> C:/src/Main/java/wss4j-svn/src/org/apache/ws/security/processor/DerivedKeyTokenProcessor.java
> (working copy)
> @@ -200,20 +200,29 @@
> if (keyIdentifierType.equals
> (SecurityTokenReference.ENC_KEY_SHA1_URI)) {
>
> - pwcb = new WSPasswordCallback(keyIdentifierValue,
> + pwcb = new WSPasswordCallback(keyIdentifierValue,
>
> WSPasswordCallback.ENCRYPTED_KEY_TOKEN);
> - try {
> - cb.handle(new Callback[]{pwcb});
> - } catch (IOException e) {
> - throw new WSSecurityException(WSSecurityException.FAILURE,
> "noKey",
> - new Object[] { id });
> - } catch (UnsupportedCallbackException e) {
> - throw new WSSecurityException(WSSecurityException.FAILURE,
> "noKey",
> - new Object[] { id });
> - }
> -
> - }
> - return pwcb.getKey();
> + }
> + else if (
> keyIdentifierType.equals(SecurityTokenReference.SAML_ID_URI))
> + {
> + pwcb = new WSPasswordCallback(keyIdentifierValue,
> + WSPasswordCallback.CUSTOM_TOKEN);
> + }
> + else
> + {
> + throw new
> WSSecurityException(WSSecurityException.FAILURE, "Keyidentifier unsupported",
> + new Object[] { keyIdentifierType });
> + }
> + try {
> + cb.handle(new Callback[]{pwcb});
> + } catch (IOException e) {
> + throw new WSSecurityException(WSSecurityException.FAILURE,
> "noKey",
> + new Object[] { id });
> + } catch (UnsupportedCallbackException e) {
> + throw new WSSecurityException(WSSecurityException.FAILURE,
> "noKey",
> + new Object[] { id });
> + }
> + return pwcb.getKey();
> }
>
> /**
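Review bot: In the added final else branch, the WSSecurityException is built with the free-text string "Keyidentifier unsupported", while the other throws in this hunk pass "noKey", which looks like a message key; if that argument is resolved against a resource bundle, use a defined key there and keep keyIdentifierType as its argument. In the SAML_ID_URI branch, WSPasswordCallback.CUSTOM_TOKEN tells the callback handler nothing about the reference being a SAML assertion id, so a handler that already serves CUSTOM_TOKEN for another purpose cannot distinguish the two requests; consider passing the key identifier type through to the callback. Both catch blocks discard the caught exception and report id rather than keyIdentifierValue, which makes a failed key lookup hard to diagnose. The first -/+ pair appears to be a whitespace-only change, and the new else and brace placement differs from the "} catch" style used a few lines later in the same hunk.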