Author: coheigea
Date: Thu Apr 23 13:33:01 2009
New Revision: 767917
URL: http://svn.apache.org/viewvc?rev=767917&view=rev
Log:
Some BST processing optimisations
- Removed unnecessary BinarySecurity construction in the BSTProcessor
- Changed the SignatureProcessor to first ask the BSTProcessor for the
certs...this should improve performance a good bit.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
webservices/wss4j/trunk/src/org/apache/ws/security/processor/SignatureProcessor.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java?rev=767917&r1=767916&r2=767917&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/processor/BinarySecurityTokenProcessor.java
Thu Apr 23 13:33:01 2009
@@ -39,7 +39,7 @@
/**
* Processor implementation to handle wsse:BinarySecurityToken elements
*/
-public class BinarySecurityTokenProcessor implements Processor {
+public class BinarySecurityTokenProcessor implements Processor {
/**
* Token Id
@@ -65,7 +65,7 @@
* {...@inheritdoc}
*/
public String getId() {
- return this.id;
+ return id;
}
/**
@@ -80,11 +80,12 @@
Vector returnResults,
WSSConfig config
) throws WSSecurityException {
- this.getCertificatesTokenReference(elem, crypto);
+ getCertificatesTokenReference(elem, crypto);
returnResults.add(
0,
- new WSSecurityEngineResult(WSConstants.BST, this.token,
this.certificates)
+ new WSSecurityEngineResult(WSConstants.BST, token, certificates)
);
+ id = elem.getAttributeNS(WSConstants.WSU_NS, "Id");
}
/**
@@ -97,13 +98,12 @@
*/
private void getCertificatesTokenReference(Element elem, Crypto crypto)
throws WSSecurityException {
- this.createSecurityToken(elem);
+ createSecurityToken(elem);
if (token instanceof PKIPathSecurity) {
- this.certificates = ((PKIPathSecurity)
token).getX509Certificates(false, crypto);
+ certificates = ((PKIPathSecurity)
token).getX509Certificates(false, crypto);
} else if (token instanceof X509Security) {
X509Certificate cert = ((X509Security)
token).getX509Certificate(crypto);
- this.certificates = new X509Certificate[1];
- this.certificates[0] = cert;
+ certificates = new X509Certificate[]{cert};
}
}
@@ -115,14 +115,15 @@
* @throws WSSecurityException
*/
private void createSecurityToken(Element element) throws
WSSecurityException {
- this.token = new BinarySecurity(element);
- String type = token.getValueType();
-
+
+ type = element.getAttribute("ValueType");
if (X509Security.X509_V3_TYPE.equals(type)) {
- this.token = new X509Security(element);
+ token = new X509Security(element);
} else if (PKIPathSecurity.getType().equals(type)) {
- this.token = new PKIPathSecurity(element);
- }
+ token = new PKIPathSecurity(element);
+ } else {
+ token = new BinarySecurity(element);
+ }
}
public String getType() {
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/processor/SignatureProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/processor/SignatureProcessor.java?rev=767917&r1=767916&r2=767917&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/processor/SignatureProcessor.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/processor/SignatureProcessor.java
Thu Apr 23 13:33:01 2009
@@ -259,8 +259,7 @@
secretKey = dktProcessor.getKeyBytes(keyLength);
} else {
if (el.equals(WSSecurityEngine.binaryToken)) {
- // TODO: Use results from BinarySecurityTokenProcessor
- certs = getCertificatesTokenReference(token, crypto);
+ certs = getCertificates(token, wsDocInfo, crypto);
} else if (el.equals(WSSecurityEngine.SAML_TOKEN)) {
if (crypto == null) {
throw new WSSecurityException(
@@ -518,6 +517,38 @@
);
}
}
+
+
+ /**
+ * Get the X509 Certificates from the BinarySecurityToken DOM element. It
first tries to
+ * get the certificates from the BinarySecurityTokenProcessor, if the BST
has been previously
+ * processed. If this fails, it gets the certificates directly from the
token.
+ * @param The BinarySecurityToken element
+ * @wsDocInfo The WSDocInfo structure that contains information on
previous processing
+ * @crypto The crypto instance that is needed to get the certificates from
the BST
+ * @throws WSSecurityException
+ */
+ public X509Certificate[] getCertificates(Element elem, WSDocInfo
wsDocInfo, Crypto crypto)
+ throws WSSecurityException {
+
+ String id = elem.getAttributeNS(WSConstants.WSU_NS, "Id");
+ BinarySecurityTokenProcessor bstProcessor =
+ (BinarySecurityTokenProcessor) wsDocInfo.getProcessor(id);
+ if (bstProcessor != null) {
+ String type = bstProcessor.getType();
+ if (!(X509Security.X509_V3_TYPE.equals(type)
+ || PKIPathSecurity.getType().equals(type))) {
+ throw new WSSecurityException(
+ WSSecurityException.UNSUPPORTED_SECURITY_TOKEN,
+ "unsupportedBinaryTokenType",
+ new Object[]{type}
+ );
+ }
+ return bstProcessor.getCertificates();
+ } else {
+ return getCertificatesTokenReference(elem, crypto);
+ }
+ }
/**
* Extracts the certificate(s) from the Binary Security token reference.
@@ -535,13 +566,10 @@
BinarySecurity token = createSecurityToken(elem);
if (token instanceof PKIPathSecurity) {
return ((PKIPathSecurity) token).getX509Certificates(false,
crypto);
- } else if (token instanceof X509Security) {
+ } else {
X509Certificate cert = ((X509Security)
token).getX509Certificate(crypto);
- X509Certificate[] certs = new X509Certificate[1];
- certs[0] = cert;
- return certs;
+ return new X509Certificate[]{cert};
}
- return null;
}
@@ -556,16 +584,13 @@
* @throws WSSecurityException
*/
private BinarySecurity createSecurityToken(Element element) throws
WSSecurityException {
- BinarySecurity token = new BinarySecurity(element);
- String type = token.getValueType();
- X509Security x509 = null;
- PKIPathSecurity pkiPath = null;
+ String type = element.getAttribute("ValueType");
if (X509Security.X509_V3_TYPE.equals(type)) {
- x509 = new X509Security(element);
+ X509Security x509 = new X509Security(element);
return (BinarySecurity) x509;
} else if (PKIPathSecurity.getType().equals(type)) {
- pkiPath = new PKIPathSecurity(element);
+ PKIPathSecurity pkiPath = new PKIPathSecurity(element);
return (BinarySecurity) pkiPath;
}
throw new WSSecurityException(
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
