Author: coheigea Date: Thu Sep 16 17:57:39 2010 New Revision: 997867 URL: http://svn.apache.org/viewvc?rev=997867&view=rev Log: [WSS-242] - Patch applied, thanks.
Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecBase.java webservices/wss4j/branches/1_5_x-fixes/test/wssec/SOAPUtil.java webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew6.java Modified: webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecBase.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecBase.java?rev=997867&r1=997866&r2=997867&view=diff ============================================================================== --- webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecBase.java (original) +++ webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/message/WSSecBase.java Thu Sep 16 17:57:39 2010 @@ -130,11 +130,26 @@ public class WSSecBase { protected String setWsuId(Element bodyElement) { String id = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id"); + String newAttrNs = WSConstants.WSU_NS; + String newAttrPrefix = WSConstants.WSU_PREFIX; + + if ((id == null || id.length() == 0) + && WSConstants.ENC_NS.equals(bodyElement.getNamespaceURI()) + && (WSConstants.ENC_DATA_LN.equals(bodyElement.getLocalName()) + || WSConstants.ENC_KEY_LN.equals(bodyElement.getLocalName())) + ) { + // If it is an XML-Enc derived element, it may already have an ID, + // plus it is not schema valid to add an additional ID. + id = bodyElement.getAttribute("Id"); + newAttrPrefix = WSConstants.ENC_PREFIX; + newAttrNs = WSConstants.ENC_NS; + } + if ((id == null) || (id.length() == 0)) { id = wssConfig.getIdAllocator().createId("id-", bodyElement); String prefix = - WSSecurityUtil.setNamespace(bodyElement, WSConstants.WSU_NS, WSConstants.WSU_PREFIX); - bodyElement.setAttributeNS(WSConstants.WSU_NS, prefix + ":Id", id); + WSSecurityUtil.setNamespace(bodyElement, newAttrNs, newAttrPrefix); + bodyElement.setAttributeNS(newAttrNs, prefix + ":Id", id); } return id; } Modified: webservices/wss4j/branches/1_5_x-fixes/test/wssec/SOAPUtil.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/SOAPUtil.java?rev=997867&r1=997866&r2=997867&view=diff ============================================================================== --- webservices/wss4j/branches/1_5_x-fixes/test/wssec/SOAPUtil.java (original) +++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/SOAPUtil.java Thu Sep 16 17:57:39 2010 @@ -1,3 +1,22 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + package wssec; import javax.xml.soap.MessageFactory; Modified: webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew6.java URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew6.java?rev=997867&r1=997866&r2=997867&view=diff ============================================================================== --- webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew6.java (original) +++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew6.java Thu Sep 16 17:57:39 2010 @@ -1,18 +1,20 @@ -/* - * Copyright 2003-2004 The Apache Software Foundation. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * http://www.apache.org/licenses/LICENSE-2.0 * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. */ package wssec; @@ -27,14 +29,18 @@ import org.apache.axis.configuration.Nul import org.apache.axis.message.SOAPEnvelope; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.ws.security.WSConstants; +import org.apache.ws.security.WSDataRef; import org.apache.ws.security.WSEncryptionPart; import org.apache.ws.security.WSPasswordCallback; import org.apache.ws.security.WSSecurityEngine; +import org.apache.ws.security.WSSecurityEngineResult; import org.apache.ws.security.components.crypto.Crypto; import org.apache.ws.security.components.crypto.CryptoFactory; import org.apache.ws.security.message.WSSecEncrypt; import org.apache.ws.security.message.WSSecSignature; import org.apache.ws.security.message.WSSecHeader; +import org.apache.ws.security.util.WSSecurityUtil; import org.w3c.dom.Document; import javax.security.auth.callback.Callback; @@ -43,6 +49,7 @@ import javax.security.auth.callback.Unsu import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; +import java.util.List; import java.util.Vector; /** @@ -143,6 +150,90 @@ public class TestWSSecurityNew6 extends } /** + * Test that encrypts and then signs a WS-Security envelope (including the + * encrypted element), then performs verification and decryption <p/> + * + * @throws Exception + * Thrown when there is any problem in signing, encryption, + * decryption, or verification + */ + public void testEncryptionElementSigning() throws Exception { + WSSecEncrypt encrypt = new WSSecEncrypt(); + WSSecSignature sign = new WSSecSignature(); + encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e"); + sign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security"); + LOG.info("Before Encryption...."); + Document doc = message.getSOAPEnvelope().getAsDocument(); + + WSSecHeader secHeader = new WSSecHeader(); + secHeader.insertSecurityHeader(doc); + + Vector encParts = new Vector(); + encParts.add( + new WSEncryptionPart( + "add", + "http://ws.apache.org/counter/counter_port_type", + "Element")); + encrypt.setParts(encParts); + + Document encryptedDoc = encrypt.build(doc, crypto, secHeader); + + if (LOG.isDebugEnabled()) { + LOG.debug("After Encryption...."); + String outputString = + org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedDoc); + LOG.debug(outputString); + } + + Vector sigParts = new Vector(); + sigParts.add( + new WSEncryptionPart( + WSConstants.ENC_DATA_LN, + WSConstants.ENC_NS, + "Element")); + sign.setParts(sigParts); + + Document encryptedSignedDoc = sign.build(encryptedDoc, crypto, secHeader); + + if (LOG.isDebugEnabled()) { + LOG.debug("After Signing...."); + String outputString = + org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(encryptedSignedDoc); + LOG.debug(outputString); + } + + Vector results = verify(encryptedSignedDoc); + + Vector sigSecEngResults = new Vector(); + WSSecurityUtil.fetchAllActionResults(results, + WSConstants.SIGN, sigSecEngResults); + + Vector encSecEngResults = new Vector(); + WSSecurityUtil.fetchAllActionResults(results, + WSConstants.ENCR, encSecEngResults); + + assertEquals(1, sigSecEngResults.size()); + assertEquals(1, encSecEngResults.size()); + + List sigDataRefs = (List) ((WSSecurityEngineResult) sigSecEngResults.get(0)) + .get(WSSecurityEngineResult.TAG_DATA_REF_URIS); + + List encDataRefs = (List) ((WSSecurityEngineResult) encSecEngResults.get(0)) + .get(WSSecurityEngineResult.TAG_DATA_REF_URIS); + + assertNotNull(sigDataRefs); + assertNotNull(encDataRefs); + assertEquals(1, sigDataRefs.size()); + assertEquals(1, encDataRefs.size()); + + assertNull(((WSDataRef) sigDataRefs.get(0)) + .getProtectedElement().getAttributeNodeNS(WSConstants.WSU_NS, "Id")); + + assertTrue(((WSDataRef) sigDataRefs.get(0)).getWsuId().contains( + ((WSDataRef) encDataRefs.get(0)).getWsuId())); + } + + /** * Test that signs and then encrypts a WS-Security envelope, then performs * decryption and verification <p/> * @@ -210,16 +301,21 @@ public class TestWSSecurityNew6 extends * Verifies the soap envelope <p/> * * @param envelope + * + * @return the <code>WSSecurityEngineResult</code>s from processing + * * @throws Exception * Thrown when there is a problem in verification */ - private void verify(Document doc) throws Exception { - secEngine.processSecurityHeader(doc, null, this, crypto); + private Vector verify(Document doc) throws Exception { + Vector results = secEngine.processSecurityHeader(doc, null, this, crypto); if (LOG.isDebugEnabled()) { String outputString = org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc); LOG.debug(outputString); } + + return results; } public void handle(Callback[] callbacks) throws IOException, --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org For additional commands, e-mail: wss4j-dev-h...@ws.apache.org