From cohei...@apache.org
Subject svn commit: r1066464 - in /webservices/wss4j/trunk: ./ src/main/java/org/apache/ws/security/ src/main/java/org/apache/ws/security/saml/ src/main/java/org/apache/ws/security/saml/ext/ src/main/java/org/apache/ws/security/saml/ext/bean/ src/main/java/org...
Date Wed, 02 Feb 2011 13:49:44 GMT
Author: coheigea
Date: Wed Feb  2 13:49:43 2011
New Revision: 1066464

URL: http://svn.apache.org/viewvc?rev=1066464&view=rev
Log:
[WSS-146] - Did another review and added another test
 - Added a Bootstrap implementation to avoid having to have Velocity as a dependency.

Modified:
    webservices/wss4j/trunk/pom.xml
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/KeyInfoBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/ResultsOrderTest.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlNegativeTest.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenHOKTest.java

Modified: webservices/wss4j/trunk/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/pom.xml?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/pom.xml (original)
+++ webservices/wss4j/trunk/pom.xml Wed Feb  2 13:49:43 2011
@@ -377,6 +377,10 @@
             <scope>compile</scope>
             <exclusions>
                 <exclusion>
+                    <groupId>velocity</groupId>
+                    <artifactId>velocity</artifactId>
+                </exclusion>
+                <exclusion>
                     <groupId>org.slf4j</groupId>
                     <artifactId>log4j-over-slf4j</artifactId>
                 </exclusion>
@@ -433,6 +437,14 @@
                     <artifactId>commons-httpclient</artifactId>
                 </exclusion>
                 <exclusion>
+                    <groupId>commons-lang</groupId>
+                    <artifactId>commons-lang</artifactId>
+                </exclusion>
+                 <exclusion>
+                    <groupId>commons-collections</groupId>
+                    <artifactId>commons-collections</artifactId>
+                </exclusion>
+                <exclusion>
                     <groupId>jargs</groupId>
                     <artifactId>jargs</artifactId>
                 </exclusion>
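Review bot: The new `commons-lang` and `commons-collections` exclusions carry no explanation, and the log message only accounts for dropping Velocity. If the parent dependency still references an excluded library, the failure appears only when that code path runs, as a `NoClassDefFoundError`. A short XML comment above the group, such as `<!-- excluded: only reached through OpenSAML's Velocity bootstrap (confirm) -->`, would record why they are safe to drop. The enclosing `<dependency>` element starts outside the hunk, so the artifact these exclusions apply to is not visible here. The `<exclusion>` line that opens the `commons-collections` entry is indented one space deeper than its siblings.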

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSecurityEngineResult.java Wed Feb  2 13:49:43 2011
@@ -24,6 +24,7 @@ import org.apache.ws.security.message.to
 import org.apache.ws.security.message.token.SignatureConfirmation;
 import org.apache.ws.security.message.token.Timestamp;
 import org.apache.ws.security.message.token.UsernameToken;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
@@ -41,7 +42,7 @@ public class WSSecurityEngineResult exte
     /**
      * Tag denoting the SAML Assertion found, if applicable.
      *
-     * The value under this tag is of type org.opensaml.SAMLAssertion.
+     * The value under this tag is of type AssertionWrapper.
      */
     public static final String TAG_SAML_ASSERTION = "saml-assertion";
     
@@ -177,7 +178,7 @@ public class WSSecurityEngineResult exte
     
     public WSSecurityEngineResult(
         int act, 
-        Object ass
+        AssertionWrapper ass
     ) {
         put(TAG_ACTION, new Integer(act));
         put(TAG_SAML_ASSERTION, ass);
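Review bot: Narrowing this public constructor's parameter from `Object` to `AssertionWrapper` changes what consumers find under `TAG_SAML_ASSERTION`, and no Javadoc is visible on the constructor to say so. Code that reads the tag and casts to the previous OpenSAML assertion type will fail the cast, and code that uses an `instanceof` test will silently skip its SAML handling. That matters where the handling is an authorization check. A Javadoc line such as `@param ass the processed SAML assertion, stored under TAG_SAML_ASSERTION as an AssertionWrapper` would make the break visible to callers. The constructor body continues outside the hunk.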

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerFactory.java Wed Feb  2 13:49:43 2011
@@ -72,8 +72,7 @@ public abstract class SAMLIssuerFactory 
      *                      These properties are dependend on the SAMLIssuer implementatin
      * @return The SAMLIssuer implementation or null if no samlClassName was defined
      */
-    public static SAMLIssuer getInstance(String samlClassName,
-                                         Properties properties) {
+    public static SAMLIssuer getInstance(String samlClassName, Properties properties) {
         return loadClass(samlClassName, properties);
     }
 
@@ -99,15 +98,15 @@ public abstract class SAMLIssuerFactory 
         if ((samlClassName == null) || (samlClassName.length() == 0)) {
             properties = getProperties(propFilename);
             samlClassName =
-                    properties.getProperty("org.apache.ws.security.saml.issuerClass",
-                            defaultSAMLClassName);
+                    properties.getProperty(
+                        "org.apache.ws.security.saml.issuerClass", defaultSAMLClassName
+                    );
         }
         return loadClass(samlClassName, properties);
     }
 
-    private static SAMLIssuer loadClass(String samlClassName,
-                                        Properties properties) {
-        Class samlIssuerClass = null;
+    private static SAMLIssuer loadClass(String samlClassName, Properties properties) {
+        Class<?> samlIssuerClass = null;
         SAMLIssuer samlIssuer = null;
         try {
             // instruct the class loader to load the crypto implementation
@@ -120,10 +119,9 @@ public abstract class SAMLIssuerFactory 
         }
         log.info("Using Crypto Engine [" + samlClassName + "]");
         try {
-            Class[] classes = new Class[]{Properties.class};
-            Constructor c = samlIssuerClass.getConstructor(classes);
-            samlIssuer =
-                    (SAMLIssuer) c.newInstance(new Object[]{properties});
+            Class<?>[] classes = new Class<?>[]{Properties.class};
+            Constructor<?> c = samlIssuerClass.getConstructor(classes);
+            samlIssuer = (SAMLIssuer) c.newInstance(new Object[]{properties});
             return samlIssuer;
         } catch (java.lang.Exception ex) {
             if (log.isDebugEnabled()) {
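Review bot: `loadClass` instantiates whatever class the configured name resolves to and only then casts the result to `SAMLIssuer`, so the constructor of an unrelated class that happens to take `Properties` runs before the type is checked. Resolving the type first, for example `Constructor<? extends SAMLIssuer> c = samlIssuerClass.asSubclass(SAMLIssuer.class).getConstructor(Properties.class);`, rejects a wrong class name before any constructor code executes and removes the need for the cast. The context line that logs `Using Crypto Engine [...]` looks copied from the crypto factory and would be clearer as `Using SAML issuer [...]`. The method starts in the previous hunk and its catch block continues outside this one.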
@@ -160,8 +158,11 @@ public abstract class SAMLIssuerFactory 
             if (doDebug) {
                 log.debug("Cannot find SAML property file: " + propFilename, e);
             }
-            throw new RuntimeException("SAMLIssuerFactory: Cannot load properties: " + propFilename, e);
+            throw new RuntimeException(
+                "SAMLIssuerFactory: Cannot load properties: " + propFilename, e
+            );
         }
         return properties;
     }
+    
 }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLIssuerImpl.java Wed Feb  2 13:49:43 2011
@@ -130,13 +130,14 @@ public class SAMLIssuerImpl implements S
      * @return a new AssertionWrapper.
      */
     public AssertionWrapper newAssertion() throws WSSecurityException {
-        
-        log.debug(
-          "Entering AssertionWrapper.newAssertion() ... creating SAML v" 
-          + samlVersion + " token"
-        );
+        if (log.isDebugEnabled()) {
+            log.debug(
+                "Entering AssertionWrapper.newAssertion() ... creating SAML v" 
+                + samlVersion + " token"
+            );
+        }
 
-        if (callbackHandler == null) {
+        if (callbackHandler == null && properties != null) {
             try {
                 String samlCallbackClassname = 
                     properties.getProperty("org.apache.ws.security.saml.callback");
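Review bot: With the added `properties != null` guard, an issuer that has neither a callback handler nor properties now skips this block silently and carries on with `callbackHandler` still null. What follows is outside the hunk, but presumably the handler is used further down, so the failure would surface later and less clearly. An explicit check after the block, e.g. `if (callbackHandler == null) { throw new WSSecurityException(WSSecurityException.FAILURE, "noSAMLCallbackHandler"); }`, would fail closed with a usable message. The message key in that example is a placeholder, not an existing resource key.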
@@ -182,7 +183,9 @@ public class SAMLIssuerImpl implements S
 
             String sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1;
             String pubKeyAlgo = issuerCerts[0].getPublicKey().getAlgorithm();
-            log.debug("automatic sig algo detection: " + pubKeyAlgo);
+            if (log.isDebugEnabled()) {
+                log.debug("automatic sig algo detection: " + pubKeyAlgo);
+            }
             if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
                 sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_DSA;
             }
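Review bot: The signature algorithm selected here defaults to `ALGO_ID_SIGNATURE_RSA_SHA1` and switches only for DSA keys, so every issued assertion is signed with a SHA-1 based algorithm and the deployer cannot choose otherwise. SHA-1 is no longer considered collision resistant. Reading the algorithm from the issuer properties, with a SHA-256 based RSA identifier as the fallback, would let deployments move off it without a code change. The key-type check also has no branch for other key algorithms such as EC, which would presumably be labelled RSA-SHA1 and fail at signing time. The enclosing method begins and ends outside the hunk.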

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java Wed Feb  2 13:49:43 2011
@@ -34,6 +34,7 @@ import org.apache.ws.security.util.UUIDG
 
 import org.opensaml.common.SAMLVersion;
 import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml1.core.AttributeStatement;
 import org.opensaml.saml1.core.AuthenticationStatement;
 import org.opensaml.saml1.core.AuthorizationDecisionStatement;
 import org.opensaml.saml1.core.ConfirmationMethod;
@@ -96,8 +97,8 @@ public class AssertionWrapper {
     /**
      * Fully qualified class name of the SAML callback handler implementation to use.
      * NOTE: Each application should provide a unique implementation of this 
-     * <code>Callback</code> that is able to extract any dynamic data from the local 
-     * environment that should be included in the generated SAML statements.
+     * <code>CallbackHandler</code> that is able to extract any dynamic data from the
+     * local environment that should be included in the generated SAML statements.
      */
     private CallbackHandler samlCallbackHandler = null;
     
@@ -241,38 +242,26 @@ public class AssertionWrapper {
                     SAML1ComponentBuilder.createSamlv1AuthenticationStatement(
                         samlCallbacks[0].getAuthenticationStatementData()
                     );
+                saml1.getAuthenticationStatements().addAll(authenticationStatements);
     
                 // Process the SAML attribute statement(s)            
-                List<org.opensaml.saml1.core.AttributeStatement> attributeStatements =
+                List<AttributeStatement> attributeStatements =
                         SAML1ComponentBuilder.createSamlv1AttributeStatement(
                             samlCallbacks[0].getAttributeStatementData()
                         );
+                saml1.getAttributeStatements().addAll(attributeStatements);
     
                 // Process the SAML authorization decision statement(s)
-                List<org.opensaml.saml1.core.AuthorizationDecisionStatement> authDecisionStatements =
+                List<AuthorizationDecisionStatement> authDecisionStatements =
                         SAML1ComponentBuilder.createSamlv1AuthorizationDecisionStatement(
                             samlCallbacks[0].getAuthDecisionStatementData()
                         );
+                saml1.getAuthorizationDecisionStatements().addAll(authDecisionStatements);
     
                 // Build the complete assertion
                 org.opensaml.saml1.core.Conditions conditions = 
                     SAML1ComponentBuilder.createSamlv1Conditions(samlCallbacks[0].getConditions());
                 saml1.setConditions(conditions);
-    
-                // Add the SAML authentication statement(s) (if any)
-                for (AuthenticationStatement authnStatement : authenticationStatements) {
-                    saml1.getAuthenticationStatements().add(authnStatement);
-                }
-    
-                // Add the SAML attribute statement(s) (if any)
-                for (org.opensaml.saml1.core.AttributeStatement attrStatement : attributeStatements) {
-                    saml1.getAttributeStatements().add(attrStatement);
-                }
-    
-                // Add the SAML authorization decision statement(s) (if any)
-                for (AuthorizationDecisionStatement authzStatement : authDecisionStatements) {
-                    saml1.getAuthorizationDecisionStatements().add(authzStatement);
-                }
             } catch (org.opensaml.xml.security.SecurityException ex) {
                 throw new WSSecurityException(
                     "Error generating KeyInfo from signing credential", ex
@@ -292,18 +281,21 @@ public class AssertionWrapper {
                 SAML2ComponentBuilder.createAuthnStatement(
                     samlCallbacks[0].getAuthenticationStatementData()
                 );
+            saml2.getAuthnStatements().addAll(authnStatements);
 
             // Attribute statement(s)
             List<org.opensaml.saml2.core.AttributeStatement> attributeStatements = 
                 SAML2ComponentBuilder.createAttributeStatement(
                     samlCallbacks[0].getAttributeStatementData()
                 );
+            saml2.getAttributeStatements().addAll(attributeStatements);
 
             // AuthzDecisionStatement(s)
             List<AuthzDecisionStatement> authDecisionStatements =
                     SAML2ComponentBuilder.createAuthorizationDecisionStatement(
                         samlCallbacks[0].getAuthDecisionStatementData()
                     );
+            saml2.getAuthzDecisionStatements().addAll(authDecisionStatements);
 
             // Build the SAML v2.0 assertion
             saml2.setIssuer(issuer);
@@ -322,21 +314,6 @@ public class AssertionWrapper {
                 SAML2ComponentBuilder.createConditions(samlCallbacks[0].getConditions());
             saml2.setConditions(conditions);
 
-            // Add the SAML authentication statemnt(s) (if any)
-            for (AuthnStatement authnStatement : authnStatements) {
-                saml2.getAuthnStatements().add(authnStatement);
-            }
-
-            // Add the SAML attribute statemnt(s) (if any)
-            for (org.opensaml.saml2.core.AttributeStatement attributeStatement : attributeStatements) {
-                saml2.getAttributeStatements().add(attributeStatement);
-            }
-
-            // Add the SAML authorization decision statemnt(s) (if any)
-            for (AuthzDecisionStatement authorizationDecisionStatement : authDecisionStatements) {
-                saml2.getAuthzDecisionStatements().add(authorizationDecisionStatement);
-            }
-
             // Set the OpenSaml2 XMLObject instance
             xmlObject = saml2;
         }
@@ -599,7 +576,11 @@ public class AssertionWrapper {
     public SAMLVersion getSamlVersion() {
         if (samlVersion == null) {
             // Try to set the version.
-            log.debug("The SAML version was null in getSamlVersion(). Recomputing SAML version...");
+            if (log.isDebugEnabled()) {
+                log.debug(
+                    "The SAML version was null in getSamlVersion(). Recomputing SAML version..."
+                );
+            }
             if (saml1 != null && saml2 == null) {
                 samlVersion = SAMLVersion.VERSION_11;
             } else if (saml1 == null && saml2 != null) {
@@ -616,24 +597,6 @@ public class AssertionWrapper {
     }
 
     /**
-     * Method setSamlVersion sets the samlVersion of this AssertionWrapper object.
-     *
-     * @param samlVersion the samlVersion of this AssertionWrapper object.
-     */
-    public void setSamlVersion(SAMLVersion samlVersion) {
-        this.samlVersion = samlVersion;
-    }
-
-    /**
-     * Method setSamlCallbackHandler sets the samlCallbackHandler of this AssertionWrapper object.
-     *
-     * @param samlCallbackHandler the samlCallbackHandler of this AssertionWrapper object.
-     */
-    public void setSamlCallbackHandler(CallbackHandler samlCallbackHandler) {
-        this.samlCallbackHandler = samlCallbackHandler;
-    }
-    
-    /**
      * Get the Assertion as a DOM Element.
      * @return the assertion as a DOM Element
      */

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/OpenSAMLUtil.java Wed Feb  2 13:49:43 2011
@@ -24,9 +24,6 @@ import javax.xml.namespace.QName;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.util.WSSecurityUtil;
-import org.joda.time.DateTime;
-import org.opensaml.DefaultBootstrap;
 import org.opensaml.xml.*;
 import org.opensaml.xml.io.*;
 import org.opensaml.xml.signature.Signature;
@@ -54,14 +51,18 @@ public class OpenSAMLUtil {
      */
     public synchronized static void initSamlEngine() {
         if (!samlEngineInitialized) {
-            log.debug("Initilizing the opensaml2 library...");
+            if (log.isDebugEnabled()) {
+                log.debug("Initilizing the opensaml2 library...");
+            }
             try {
-                DefaultBootstrap.bootstrap();
+                OpenSAMLBootstrap.bootstrap();
                 builderFactory = Configuration.getBuilderFactory();
                 marshallerFactory = Configuration.getMarshallerFactory();
                 unmarshallerFactory = Configuration.getUnmarshallerFactory();
                 samlEngineInitialized = true;
-                log.debug("opensaml2 library bootstrap complete");
+                if (log.isDebugEnabled()) {
+                    log.debug("opensaml2 library bootstrap complete");
+                }
             } catch (ConfigurationException e) {
                 log.error(
                     "Unable to bootstrap the opensaml2 library - all SAML operations will fail", 
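Review bot: The switch from `DefaultBootstrap.bootstrap()` to `OpenSAMLBootstrap.bootstrap()` needs a comment stating which of the default initialisation steps the replacement keeps, because `OpenSAMLBootstrap` is not visible in this part of the commit. OpenSAML's default bootstrap also initialises the XML security library and the global security configuration, and signing or signature validation can misbehave if a trimmed-down bootstrap omits them. As far as the hunk shows, the catch branch only logs, which leaves `builderFactory`, `marshallerFactory` and `unmarshallerFactory` null; later calls would then fail with a `NullPointerException` rather than a SAML error. The debug string `Initilizing` is misspelled.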
@@ -80,22 +81,11 @@ public class OpenSAMLUtil {
      */
     public static XMLObject fromDom(Element root) throws WSSecurityException {
         Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(root);
-        XMLObject xmlObject = null;
         try {
-            xmlObject = unmarshaller.unmarshall(root);
+            return unmarshaller.unmarshall(root);
         } catch (UnmarshallingException ex) {
             throw new WSSecurityException("Error unmarshalling a SAML assertion", ex);
         }
-
-        if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
-            log.debug("OpenSAMLUtil: found SAML 1 Assertion");
-        } else if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
-            log.debug("OpenSAMLUtil: found SAML 2 Assertion");            
-        } else {
-            log.debug("OpenSAMLUtil: found unexpected type " + xmlObject.getClass().getName());
-        }
-
-        return xmlObject;
     }
 
     /**
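Review bot: `fromDom` dereferences the result of `unmarshallerFactory.getUnmarshaller(root)` without a null check, and `root` is typically an element taken from an inbound message. The factory may return null when no unmarshaller is registered for the element, and the factory field itself is null if `initSamlEngine()` failed or never ran. In either case an unexpected element produces a `NullPointerException` instead of the declared `WSSecurityException`. An `if (unmarshaller == null)` branch that throws `WSSecurityException` before the `try` would keep the failure inside the method's contract. With the type logging removed, the Javadoc should also state that callers must check the returned object is a SAML 1.1 or 2.0 assertion.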
@@ -121,10 +111,13 @@ public class OpenSAMLUtil {
 
         // Sign the assertion if the signature element is present.
         if (xmlObject instanceof org.opensaml.saml2.core.Assertion) {
-            org.opensaml.saml2.core.Assertion saml2 = (org.opensaml.saml2.core.Assertion) xmlObject;
+            org.opensaml.saml2.core.Assertion saml2 = 
+                (org.opensaml.saml2.core.Assertion) xmlObject;
             // if there is a signature, but it hasn't already been signed
             if (saml2.getSignature() != null) {
-                log.debug("Signing SAML v2.0 assertion...");
+                if (log.isDebugEnabled()) {
+                    log.debug("Signing SAML v2.0 assertion...");
+                }
                 try {
                     Signer.signObject(saml2.getSignature());
                 } catch (SignatureException ex) {
@@ -132,10 +125,13 @@ public class OpenSAMLUtil {
                 }
             }
         } else if (xmlObject instanceof org.opensaml.saml1.core.Assertion) {
-            org.opensaml.saml1.core.Assertion saml1 = (org.opensaml.saml1.core.Assertion) xmlObject;
+            org.opensaml.saml1.core.Assertion saml1 = 
+                (org.opensaml.saml1.core.Assertion) xmlObject;
             // if there is a signature, but it hasn't already been signed
             if (saml1.getSignature() != null) {
-                log.debug("Signing SAML v1.1 assertion...");
+                if (log.isDebugEnabled()) {
+                    log.debug("Signing SAML v1.1 assertion...");
+                }
                 try {
                     Signer.signObject(saml1.getSignature());
                 } catch (SignatureException ex) {
@@ -148,7 +144,9 @@ public class OpenSAMLUtil {
         // with the user-supplied document in the future (for example, when we want to add this
         // element that dom).
         if (doc != null) {
-            log.debug("Reparenting the SAML token dom to type: " + doc.getClass().getName());
+            if (log.isDebugEnabled()) {
+                log.debug("Reparenting the SAML token dom to type: " + doc.getClass().getName());
+            }
             Node importedNode = doc.importNode(element, true);
             element = (Element) importedNode;
         }
@@ -161,27 +159,20 @@ public class OpenSAMLUtil {
      *
      * @return Signature
      */
+    @SuppressWarnings("unchecked")
     public static Signature buildSignature() {
-        return (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
-    }
-
-    /**
-     * Method buildXMLObject ...
-     *
-     * @param objectQName of type QName
-     * @return XMLObject
-     */
-    public static XMLObject buildXMLObject(QName objectQName) {
-        XMLObjectBuilder builder = builderFactory.getBuilder(objectQName);
+        QName qName = Signature.DEFAULT_ELEMENT_NAME;
+        XMLObjectBuilder<Signature> builder = builderFactory.getBuilder(qName);
         if (builder == null) {
-            log.fatal("Unable to retrieve builder for object QName " + objectQName);
+            log.error(
+                "Unable to retrieve builder for object QName " 
+                + qName
+            );
             return null;
         }
         return 
-            builder.buildObject(
-                 objectQName.getNamespaceURI(), 
-                 objectQName.getLocalPart(), 
-                 objectQName.getPrefix()
+            (Signature)builder.buildObject(
+                 qName.getNamespaceURI(), qName.getLocalPart(), qName.getPrefix()
              );
     }
     
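Review bot: `buildSignature` still returns null when no builder is registered, so a caller that does not test the result hits a `NullPointerException` or, depending on how it treats null, may emit an assertion without a signature. Throwing an `IllegalStateException` there would make the contract explicit; so would a Javadoc line such as `@return the Signature, or null if no builder is registered`. `@SuppressWarnings("unchecked")` on the whole method is wider than needed and can sit on the `builder` local declaration alone. The explicit `(Signature)` cast on the return is presumably redundant given `XMLObjectBuilder<Signature>`.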
@@ -209,47 +200,4 @@ public class OpenSAMLUtil {
                 && confirmMethod.endsWith(":cm:holder-of-key");
     }
 
-    /**
-     * Validate the conditions
-     *
-     * @param notBefore of type DateTime
-     * @param notAfter  of type DateTime
-     */
-    public static void validateConditions(DateTime notBefore, DateTime notAfter) {
-        // Make sure that notBefore is before notAfter
-        log.debug("Validating notBefore and notAfter");
-        if (notBefore.isAfter(notAfter)) {
-            throw new IllegalStateException(
-                "The value of notBefore may not be after the value of notAfter"
-            );
-        }
-    }
-
-    /**
-     * Get the Assertion ID
-     *
-     * @param envelope of type Element
-     * @param elemName of type String
-     * @param nmSpace  of type String
-     * @return the Assertion ID
-     * @throws WSSecurityException
-     */
-    public static String getAssertionId(
-        Element envelope, 
-        String elemName, 
-        String nmSpace
-    ) throws WSSecurityException {
-        Element assertionElement = 
-            (Element) WSSecurityUtil.findElement(envelope, elemName, nmSpace);
-
-        try {
-            AssertionWrapper assertion = new AssertionWrapper(assertionElement);
-            return assertion.getId();
-        } catch (Exception e1) {
-            log.error(e1);
-            throw new WSSecurityException(
-                    WSSecurityException.FAILED_SIGNATURE,
-                    "noXMLSig", null, e1);
-        }
-    }
 }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/SAMLCallback.java Wed Feb  2 13:49:43 2011
@@ -32,7 +32,7 @@ import java.util.List;
 
 /**
  * Class SAMLCallback will be called by the <code>AssertionWrapper</code> during the creation
- * of SAML statements (authentication, attribute, and auth decision).
+ * of SAML statements (authentication, attribute, and authz decision).
  * <p/>
  * Created on May 18, 2009
  */

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ActionBean.java Wed Feb  2 13:49:43 2011
@@ -92,4 +92,38 @@ public class ActionBean {
     public void setContents(String contents) {
         this.contents = contents;
     }
+    
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (!(o instanceof ActionBean)) return false;
+
+        ActionBean that = (ActionBean) o;
+
+        if (contents == null && that.contents != null) {
+            return false;
+        } else if (contents != null && !contents.equals(that.contents)) {
+            return false;
+        }
+        
+        if (actionNamespace == null && that.actionNamespace != null) {
+            return false;
+        } else if (actionNamespace != null && !actionNamespace.equals(that.actionNamespace)) {
+            return false;
+        }
+
+        return true;
+    }
+
+    @Override
+    public int hashCode() {
+        int result = 0;
+        if (contents != null) {
+            result = 31 * result + contents.hashCode();
+        }
+        if (actionNamespace != null) {
+            result = 31 * result + actionNamespace.hashCode();
+        }
+        return result;
+    }
 }
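Review bot: The new `hashCode` skips null fields instead of folding in a zero, so an `ActionBean` with only `contents` set hashes the same as one with only `actionNamespace` set to the same string. That does not break the equals/hashCode contract, but it is inconsistent with `AttributeStatementBean.hashCode` in this same commit, which uses the positional form. Writing `result = 31 * result + (contents != null ? contents.hashCode() : 0);` for each field would match it. The same pattern appears in `AttributeBean.hashCode`. In `equals`, the first two single-line `if` statements lack braces while the rest of the method uses them.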

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeBean.java Wed Feb  2 13:49:43 2011
@@ -48,7 +48,6 @@ public class AttributeBean {
      * @param attributeValues of type List<String>
      */
     public AttributeBean(String simpleName, String qualifiedName, List<String> attributeValues) {
-        this();
         this.simpleName = simpleName;
         this.qualifiedName = qualifiedName;
         this.attributeValues = attributeValues;
@@ -115,18 +114,39 @@ public class AttributeBean {
 
         AttributeBean that = (AttributeBean) o;
 
-        if (!attributeValues.equals(that.attributeValues)) return false;
-        if (!qualifiedName.equals(that.qualifiedName)) return false;
-        if (!simpleName.equals(that.simpleName)) return false;
+        if (attributeValues == null && that.attributeValues != null) {
+            return false;
+        } else if (attributeValues != null && !attributeValues.equals(that.attributeValues)) {
+            return false;
+        }
+        
+        if (qualifiedName == null && that.qualifiedName != null) {
+            return false;
+        } else if (qualifiedName != null && !qualifiedName.equals(that.qualifiedName)) {
+            return false;
+        }
+        
+        if (simpleName == null && that.simpleName != null) {
+            return false;
+        } else if (simpleName != null && !simpleName.equals(that.simpleName)) {
+            return false;
+        }
 
         return true;
     }
 
     @Override
     public int hashCode() {
-        int result = simpleName.hashCode();
-        result = 31 * result + qualifiedName.hashCode();
-        result = 31 * result + attributeValues.hashCode();
+        int result = 0;
+        if (simpleName != null) {
+            result = 31 * result + simpleName.hashCode();
+        }
+        if (qualifiedName != null) {
+            result = 31 * result + qualifiedName.hashCode();
+        }
+        if (attributeValues != null) {
+            result = 31 * result + attributeValues.hashCode();
+        }
         return result;
     }
 }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AttributeStatementBean.java Wed Feb  2 13:49:43 2011
@@ -38,6 +38,19 @@ public class AttributeStatementBean {
     public AttributeStatementBean() {
         attributeBeans = new ArrayList<AttributeBean>();
     }
+    
+    /**
+     * Constructor SamlAttributeStatement creates a new SamlAttributeStatement instance.
+     * @param subject A new SubjectBean instance
+     * @param attributeBeans A list of Attributes
+     */
+    public AttributeStatementBean(
+        SubjectBean subject,
+        List<AttributeBean> attributeBeans
+    ) {
+        this.subject = subject;
+        this.attributeBeans = attributeBeans;
+    }
 
     /**
      * Method getSamlAttributes returns the samlAttributes of this SamlAttributeStatement object.
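Review bot: The Javadoc on the new two-argument constructor names `SamlAttributeStatement`, a class that does not appear in this file, and the constructor keeps the caller's `attributeBeans` list by reference. The summary line should read `Constructs an AttributeStatementBean for the given subject and attributes.` Because the list is shared, a caller that mutates it afterwards also changes this bean's equals() and hashCode() results. If that is not intended, copy it with `this.attributeBeans = new ArrayList<AttributeBean>(attributeBeans);` after deciding how a null argument should be treated, since the no-argument constructor always leaves a non-null list.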
@@ -81,16 +94,25 @@ public class AttributeStatementBean {
 
         AttributeStatementBean that = (AttributeStatementBean) o;
 
-        if (!attributeBeans.equals(that.attributeBeans)) return false;
-        if (!subject.equals(that.subject)) return false;
+        if (attributeBeans == null && that.attributeBeans != null) {
+            return false;
+        } else if (attributeBeans != null && !attributeBeans.equals(that.attributeBeans)) {
+            return false;
+        }
+        
+        if (subject == null && that.subject != null) {
+            return false;
+        } else if (subject != null && !subject.equals(that.subject)) {
+            return false;
+        }
 
         return true;
     }
 
     @Override
     public int hashCode() {
-        int result = subject.hashCode();
-        result = 31 * result + attributeBeans.hashCode();
+        int result = subject != null ? subject.hashCode() : 0;
+        result = 31 * result + (attributeBeans != null ? attributeBeans.hashCode() : 0);
         return result;
     }
 }
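Review bot: Each field comparison in equals() is written as a four-line if/else-if pair, and the same shape is repeated in the equals() hunks for AuthDecisionStatementBean, AuthenticationStatementBean, ConditionsBean, KeyInfoBean and SubjectBean. A private helper such as `private static boolean same(Object a, Object b) { return a == null ? b == null : a.equals(b); }` would reduce each comparison to `if (!same(subject, that.subject)) return false;` and make a missed field easier to spot. equals() begins above this hunk, so the type check at its head is not visible here.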

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthDecisionStatementBean.java Wed Feb  2 13:49:43 2011
@@ -73,15 +73,21 @@ public class AuthDecisionStatementBean {
      *
      * @param decision of type Decision
      * @param resource of type String
+     * @param subject of type SubjectBean
+     * @param evidence of type Object
      * @param actionBeans of type List<SamlAction>
      */
     public AuthDecisionStatementBean(
         Decision decision, 
         String resource, 
+        SubjectBean subject,
+        Object evidence,
         List<ActionBean> actionBeans
     ) {
         this.decision = decision;
         this.resource = resource;
+        this.subject = subject;
+        this.evidence = evidence;
         this.actionBeans = actionBeans;
     }
 
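Review bot: The two new parameters are inserted in the middle of a public constructor's argument list, so any existing caller of the three-argument form stops compiling. If that constructor has already shipped, keep it as an overload that delegates with `null` for `subject` and `evidence`. The added Javadoc lines only restate the types; for `evidence`, which is declared `Object`, say what a caller is expected to pass, for example `@param evidence the evidence the decision was based on, may be null` (wording to be confirmed against how the builders consume it). The Javadoc block opens above this hunk.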
@@ -172,4 +178,54 @@ public class AuthDecisionStatementBean {
     public void setSubject(SubjectBean subject) {
         this.subject = subject;
     }
+    
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (!(o instanceof AuthDecisionStatementBean)) return false;
+
+        AuthDecisionStatementBean that = (AuthDecisionStatementBean) o;
+
+        if (subject == null && that.subject != null) {
+            return false;
+        } else if (subject != null && !subject.equals(that.subject)) {
+            return false;
+        }
+        
+        if (decision == null && that.decision != null) {
+            return false;
+        } else if (decision != null && !decision.equals(that.decision)) {
+            return false;
+        }
+        
+        if (evidence == null && that.evidence != null) {
+            return false;
+        } else if (evidence != null && !evidence.equals(that.evidence)) {
+            return false;
+        }
+        
+        if (actionBeans == null && that.actionBeans != null) {
+            return false;
+        } else if (actionBeans != null && !actionBeans.equals(that.actionBeans)) {
+            return false;
+        }
+        
+        if (resource == null && that.resource != null) {
+            return false;
+        } else if (resource != null && !resource.equals(that.resource)) {
+            return false;
+        }
+
+        return true;
+    }
+
+    @Override
+    public int hashCode() {
+        int result = subject != null ? subject.hashCode() : 0;
+        result = 31 * result + (decision != null ? decision.hashCode() : 0);
+        result = 31 * result + (evidence != null ? evidence.hashCode() : 0);
+        result = 31 * result + (actionBeans != null ? actionBeans.hashCode() : 0);
+        result = 31 * result + (resource != null ? resource.hashCode() : 0);
+        return result;
+    }
 }
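Review bot: equals() and hashCode() include `evidence`, which the constructor in this file accepts as plain `Object`, so the result depends on whether the runtime type overrides equals(). For a type that keeps identity equality, two statements built from identical data compare unequal. A comment above the evidence comparison would make that explicit: `// evidence is compared via its own equals(); types without a value-based equals() compare by identity`. The fields are also writable through setters such as setSubject (shown at the top of the hunk), so a bean should not be modified while it is held in a hash-based collection.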

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/AuthenticationStatementBean.java Wed Feb  2 13:49:43 2011
@@ -111,11 +111,26 @@ public class AuthenticationStatementBean
 
         AuthenticationStatementBean that = (AuthenticationStatementBean) o;
 
-        if (authenticationInstant != null ? !authenticationInstant.equals(that.authenticationInstant) : that.authenticationInstant != null)
+        if (authenticationInstant == null && that.authenticationInstant != null) {
             return false;
-        if (authenticationMethod != null ? !authenticationMethod.equals(that.authenticationMethod) : that.authenticationMethod != null)
+        } else if (authenticationInstant != null 
+            && !authenticationInstant.equals(that.authenticationInstant)) {
             return false;
-        if (subject != null ? !subject.equals(that.subject) : that.subject != null) return false;
+        }
+        
+        if (authenticationMethod == null && that.authenticationMethod != null) {
+            return false;
+        } else if (authenticationMethod != null 
+            && !authenticationMethod.equals(that.authenticationMethod)) {
+            return false;
+        }
+        
+        if (subject == null && that.subject != null) {
+            return false;
+        } else if (subject != null 
+            && !subject.equals(that.subject)) {
+            return false;
+        }
 
         return true;
     }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/ConditionsBean.java Wed Feb  2 13:49:43 2011
@@ -132,21 +132,34 @@ public class ConditionsBean {
         ConditionsBean that = (ConditionsBean) o;
 
         if (tokenPeriodMinutes != that.tokenPeriodMinutes) return false;
-        if (!notBefore.equals(that.notBefore)) return false;
-        if (!notAfter.equals(that.notAfter)) return false; 
+        
+        if (notBefore == null && that.notBefore != null) {
+            return false;
+        } else if (notBefore != null && !notBefore.equals(that.notBefore)) {
+            return false;
+        }
+        
+        if (notAfter == null && that.notAfter != null) {
+            return false;
+        } else if (notAfter != null && !notAfter.equals(that.notAfter)) {
+            return false; 
+        }
 
         return true;
     }
 
     /**
-     * Method hashCode ...
-     * @return int
+     * @return the hashcode of this object
      */
     @Override
     public int hashCode() {
         int result = tokenPeriodMinutes;
-        result = 31 * result + notBefore.hashCode();
-        result = 31 * result + notAfter.hashCode();
+        if (notBefore != null) {
+            result = 31 * result + notBefore.hashCode();
+        }
+        if (notAfter != null) {
+            result = 31 * result + notAfter.hashCode();
+        }
         return result;
     }
 }
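Review bot: hashCode() skips a null field altogether instead of mixing in 0, so a bean with only `notBefore` set and a bean with only `notAfter` set to the same instant produce the same hash. That does not break the equals/hashCode contract, but it differs from the form this commit uses in AttributeStatementBean and AuthDecisionStatementBean, `result = 31 * result + (notBefore != null ? notBefore.hashCode() : 0);`, which keeps each field in its own position. The same skip-on-null pattern appears in the hashCode() hunks of AttributeBean, KeyInfoBean and SubjectBean. equals() begins above this hunk.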

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/KeyInfoBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/KeyInfoBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/KeyInfoBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/KeyInfoBean.java Wed Feb  2 13:49:43 2011
@@ -130,24 +130,43 @@ public class KeyInfoBean {
 
         KeyInfoBean that = (KeyInfoBean) o;
 
-        if (cert != null && !cert.equals(that.cert)) return false;
         if (certIdentifier != that.certIdentifier) return false;
-        if (publicKey != null && !publicKey.equals(that.publicKey)) return false;
-        if (keyInfoElement != null && !keyInfoElement.equals(that.keyInfoElement)) return false;
+        if (cert == null && that.cert != null) {
+            return false;
+        } else if (cert != null && !cert.equals(that.cert)) {
+            return false;
+        }
+        
+        if (publicKey == null && that.publicKey != null) {
+            return false;
+        } else if (publicKey != null && !publicKey.equals(that.publicKey)) {
+            return false;
+        }
+        
+        if (keyInfoElement == null && that.keyInfoElement != null) {
+            return false;
+        } else if (keyInfoElement != null && !keyInfoElement.equals(that.keyInfoElement)) {
+            return false;
+        }
 
         return true;
     }
 
     /**
-     * Method hashCode ...
-     * @return int
+     * @return the hashCode of this object
      */
     @Override
     public int hashCode() {
-        int result = cert.hashCode();
-        result = 31 * result + certIdentifier.hashCode();
-        result = 31 * result + publicKey.hashCode();
-        result = 31 * result + keyInfoElement.hashCode();
+        int result = certIdentifier.hashCode();
+        if (cert != null) {
+            result = 31 * result + cert.hashCode();
+        }
+        if (publicKey != null) {
+            result = 31 * result + publicKey.hashCode();
+        }
+        if (keyInfoElement != null) {
+            result = 31 * result + keyInfoElement.hashCode();
+        }
         return result;
     }
 }
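Review bot: hashCode() still dereferences `certIdentifier` unconditionally in `int result = certIdentifier.hashCode();`, while every other field in this hunk gained a null guard. If the field can be null (its declaration and any setter are outside the hunk), hashCode() throws a NullPointerException even though equals() tolerates it through the `!=` comparison. `int result = certIdentifier != null ? certIdentifier.hashCode() : 0;` brings it in line; otherwise add a comment saying the field is never null. equals() begins above the hunk.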

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/bean/SubjectBean.java Wed Feb  2 13:49:43 2011
@@ -142,24 +142,53 @@ public class SubjectBean {
 
         SubjectBean that = (SubjectBean) o;
 
-        if (!subjectName.equals(that.subjectName)) return false;
-        if (!subjectNameQualifier.equals(that.subjectNameQualifier)) return false;
-        if (!subjectConfirmationMethod.equals(that.subjectConfirmationMethod)) return false;
-        if (keyInfo != null && !keyInfo.equals(that.keyInfo)) return false;
+        if (subjectName == null && that.subjectName != null) {
+            return false;
+        } else if (subjectName != null && !subjectName.equals(that.subjectName)) {
+            return false;
+        }
+        
+        if (subjectNameQualifier == null && that.subjectNameQualifier != null) {
+            return false;
+        } else if (subjectNameQualifier != null && 
+            !subjectNameQualifier.equals(that.subjectNameQualifier)) {
+            return false;
+        }
+        
+        if (subjectConfirmationMethod == null && that.subjectConfirmationMethod != null) {
+            return false;
+        } else if (subjectConfirmationMethod != null && 
+            !subjectConfirmationMethod.equals(that.subjectConfirmationMethod)) {
+            return false;
+        }
+        
+        if (keyInfo == null && that.keyInfo != null) {
+            return false;
+        } else if (keyInfo != null && !keyInfo.equals(that.keyInfo)) {
+            return false;
+        }
 
         return true;
     }
 
     /**
-     * Method hashCode ...
-     * @return int
+     * @return the hashcode of this object
      */
     @Override
     public int hashCode() {
-        int result = subjectName.hashCode();
-        result = 31 * result + subjectNameQualifier.hashCode();
-        result = 31 * result + subjectConfirmationMethod.hashCode();
-        result = 31 * result + keyInfo.hashCode();
+        int result = 0;
+        if (subjectName != null) {
+            result = subjectName.hashCode();
+        }
+        if (subjectNameQualifier != null) {
+            result = 31 * result + subjectNameQualifier.hashCode();
+        }
+        if (subjectConfirmationMethod != null) {
+            result = 31 * result + subjectConfirmationMethod.hashCode();
+        }
+        if (keyInfo != null) {
+            result = 31 * result + keyInfo.hashCode();
+        }
         return result;
     }
 }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML1ComponentBuilder.java Wed Feb  2 13:49:43 2011
@@ -103,6 +103,7 @@ public class SAML1ComponentBuilder {
      * @param issuer of type String
      * @return A SAML 1.1 assertion
      */
+    @SuppressWarnings("unchecked")
     public static Assertion createSamlv1Assertion(String issuer) {
         if (assertionV1Builder == null) {
             assertionV1Builder = (SAMLObjectBuilder<Assertion>) 
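Review bot: `@SuppressWarnings("unchecked")` is applied to the whole method although only the cast to `SAMLObjectBuilder<Assertion>` needs it, so any unchecked operation added to the body later is silenced as well. Assigning the cast result to an annotated local first, `@SuppressWarnings("unchecked") SAMLObjectBuilder<Assertion> builder = (SAMLObjectBuilder<Assertion>) …;`, and then storing it in the static field keeps the suppression on one statement. A one-line comment saying why the cast is safe would help as well; the right-hand side of the assignment is outside the hunk, so that wording has to come from the author. The same applies to the other `@SuppressWarnings` hunks in this file and in SAML2ComponentBuilder.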
@@ -133,6 +134,7 @@ public class SAML1ComponentBuilder {
      * @param subjectBean A SubjectBean instance
      * @return A Saml 1.1 subject
      */
+    @SuppressWarnings("unchecked")
     public static Subject createSaml1v1Subject(SubjectBean subjectBean) 
         throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         if (subjectV1Builder == null) {
@@ -224,6 +226,7 @@ public class SAML1ComponentBuilder {
      * @param conditionsBean A ConditionsBean object
      * @return a Conditions object
      */
+    @SuppressWarnings("unchecked")
     public static Conditions createSamlv1Conditions(ConditionsBean conditionsBean) {
         if (conditionsV1Builder == null) {
             conditionsV1Builder = (SAMLObjectBuilder<Conditions>) 
@@ -244,7 +247,11 @@ public class SAML1ComponentBuilder {
         DateTime notAfter = conditionsBean.getNotAfter();
         
         if (notBefore != null && notAfter != null) {
-            OpenSAMLUtil.validateConditions(notBefore, notAfter);
+            if (notBefore.isAfter(notAfter)) {
+                throw new IllegalStateException(
+                    "The value of notBefore may not be after the value of notAfter"
+                );
+            }
             conditions.setNotBefore(notBefore);
             conditions.setNotOnOrAfter(notAfter);
         } else {
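Review bot: The inline check rejects only `notBefore.isAfter(notAfter)`, so an equal pair passes and is written out as NotBefore and NotOnOrAfter with the same instant, an interval no relying party can satisfy. Comparing with `if (!notBefore.isBefore(notAfter)) {` and wording the message as `"The value of notBefore must be before the value of notAfter"` closes that case. The same block is added to createConditions in SAML2ComponentBuilder; a shared helper would keep the two from drifting. The failure is now an unchecked IllegalStateException, so the method's Javadoc should gain `@throws IllegalStateException if notBefore is not before notAfter`. createSamlv1Conditions starts and ends outside this hunk.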
@@ -261,6 +268,7 @@ public class SAML1ComponentBuilder {
      * @param authBeans A list of AuthenticationStatementBean objects
      * @return a list of SAML 1.1 authentication statement(s)
      */
+    @SuppressWarnings("unchecked")
     public static List<AuthenticationStatement> createSamlv1AuthenticationStatement(
         List<AuthenticationStatementBean> authBeans
     ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
@@ -325,6 +333,7 @@ public class SAML1ComponentBuilder {
      * @param attributeData A list of AttributeStatementBean instances
      * @return a list of SAML 1.1 attribute statement(s)
      */
+    @SuppressWarnings("unchecked")
     public static List<AttributeStatement> createSamlv1AttributeStatement(
         List<AttributeStatementBean> attributeData
     ) throws org.opensaml.xml.security.SecurityException, WSSecurityException {
@@ -368,6 +377,7 @@ public class SAML1ComponentBuilder {
      * @param values the Attribute Values
      * @return a SAML 1.1 attribute
      */
+    @SuppressWarnings("unchecked")
     public static Attribute createSamlv1Attribute(
         String attributeName, 
         String attributeUrn,
@@ -402,6 +412,7 @@ public class SAML1ComponentBuilder {
      * @param decisionData        of type Map
      * @return a list of SAML 1.1 Authorization Decision Statement(s)
      */
+    @SuppressWarnings("unchecked")
     public static List<AuthorizationDecisionStatement> createSamlv1AuthorizationDecisionStatement(
             List<AuthDecisionStatementBean> decisionData) 
         throws org.opensaml.xml.security.SecurityException, WSSecurityException {
@@ -441,6 +452,7 @@ public class SAML1ComponentBuilder {
      * @param actionBean of type SamlAction
      * @return an Action object
      */
+    @SuppressWarnings("unchecked")
     public static Action createSamlv1Action(ActionBean actionBean) {
         if (actionElementV1Builder == null) {
             actionElementV1Builder = (SAMLObjectBuilder<Action>)

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/ext/builder/SAML2ComponentBuilder.java Wed Feb  2 13:49:43 2011
@@ -20,7 +20,6 @@
 package org.apache.ws.security.saml.ext.builder;
 
 import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.saml.ext.OpenSAMLUtil;
 import org.apache.ws.security.saml.ext.bean.ActionBean;
 import org.apache.ws.security.saml.ext.bean.AttributeBean;
 import org.apache.ws.security.saml.ext.bean.AttributeStatementBean;
@@ -115,6 +114,7 @@ public class SAML2ComponentBuilder {
      *
      * @return a SAML 2 assertion
      */
+    @SuppressWarnings("unchecked")
     public static Assertion createAssertion() {
         if (assertionBuilder == null) {
             assertionBuilder = (SAMLObjectBuilder<Assertion>) 
@@ -140,6 +140,7 @@ public class SAML2ComponentBuilder {
      * @param issuerValue of type String
      * @return an Issuer object
      */
+    @SuppressWarnings("unchecked")
     public static Issuer createIssuer(String issuerValue) {
         if (issuerBuilder == null) {
             issuerBuilder = (SAMLObjectBuilder<Issuer>) 
@@ -160,6 +161,7 @@ public class SAML2ComponentBuilder {
      * @param conditionsBean A ConditionsBean object
      * @return a Conditions object
      */
+    @SuppressWarnings("unchecked")
     public static Conditions createConditions(ConditionsBean conditionsBean) {
         if (conditionsBuilder == null) {
             conditionsBuilder = (SAMLObjectBuilder<Conditions>) 
@@ -180,7 +182,11 @@ public class SAML2ComponentBuilder {
         DateTime notAfter = conditionsBean.getNotAfter();
         
         if (notBefore != null && notAfter != null) {
-            OpenSAMLUtil.validateConditions(notBefore, notAfter);
+            if (notBefore.isAfter(notAfter)) {
+                throw new IllegalStateException(
+                    "The value of notBefore may not be after the value of notAfter"
+                );
+            }
             conditions.setNotBefore(notBefore);
             conditions.setNotOnOrAfter(notAfter);
         } else {
@@ -197,6 +203,7 @@ public class SAML2ComponentBuilder {
      * @param audienceURI of type String
      * @return an AudienceRestriction object
      */
+    @SuppressWarnings("unchecked")
     public static AudienceRestriction createAudienceRestriction(String audienceURI) {
         if (audienceRestrictionBuilder == null) {
             audienceRestrictionBuilder = (SAMLObjectBuilder<AudienceRestriction>) 
@@ -220,6 +227,7 @@ public class SAML2ComponentBuilder {
      * @param authBeans A list of AuthenticationStatementBean instances
      * @return SAML 2 Authentication Statement(s).
      */
+    @SuppressWarnings("unchecked")
     public static List<AuthnStatement> createAuthnStatement(
         List<AuthenticationStatementBean> authBeans
     ) {
@@ -308,6 +316,7 @@ public class SAML2ComponentBuilder {
      * @param subjectConfirmation of type SubjectConfirmation
      * @return a Subject
      */
+    @SuppressWarnings("unchecked")
     public static Subject createSaml2Subject(SubjectBean subjectBean) 
         throws org.opensaml.xml.security.SecurityException, WSSecurityException {
         if (subjectBuilder == null) {
@@ -349,6 +358,7 @@ public class SAML2ComponentBuilder {
      * @param keyInfoBean of type KeyInfoBean
      * @return a SubjectConfirmationData object
      */
+    @SuppressWarnings("unchecked")
     public static SubjectConfirmationData createSubjectConfirmationData(
         String inResponseTo, 
         String recipient, 
@@ -397,6 +407,7 @@ public class SAML2ComponentBuilder {
      * @param subjectConfirmationData of type SubjectConfirmationData
      * @return a SubjectConfirmation object
      */
+    @SuppressWarnings("unchecked")
     public static SubjectConfirmation createSubjectConfirmation(
         String method,
         SubjectConfirmationData subjectConfirmationData
@@ -427,6 +438,7 @@ public class SAML2ComponentBuilder {
      * @param subject A SubjectBean instance
      * @return NameID
      */
+    @SuppressWarnings("unchecked")
     public static NameID createNameID(SubjectBean subject) {
         if (nameIdBuilder == null) {
             nameIdBuilder = (SAMLObjectBuilder<NameID>) 
@@ -446,6 +458,7 @@ public class SAML2ComponentBuilder {
      * @param attributeData A list of AttributeStatementBean instances
      * @return SAML2 Attribute Statement(s)
      */
+    @SuppressWarnings("unchecked")
     public static List<AttributeStatement> createAttributeStatement(
         List<AttributeStatementBean> attributeData
     ) {
@@ -485,6 +498,7 @@ public class SAML2ComponentBuilder {
      * @param name of type String
      * @return an Attribute object
      */
+    @SuppressWarnings("unchecked")
     public static Attribute createAttribute(String friendlyName, String name) {
         if (attributeBuilder == null) {
             attributeBuilder = (SAMLObjectBuilder<Attribute>)
@@ -504,6 +518,7 @@ public class SAML2ComponentBuilder {
      * @param decisionData A list of AuthDecisionStatementBean instances
      * @return SAML2 AuthorizationDecisionStatement(s)
      */
+    @SuppressWarnings("unchecked")
     public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement(
         List<AuthDecisionStatementBean> decisionData
     ) {
@@ -541,6 +556,7 @@ public class SAML2ComponentBuilder {
      * @param actionBean An ActionBean instance
      * @return an Action object
      */
+    @SuppressWarnings("unchecked")
     public static Action createSamlAction(ActionBean actionBean) {
         if (actionElementBuilder == null) {
             actionElementBuilder = (SAMLObjectBuilder<Action>)

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/ResultsOrderTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/ResultsOrderTest.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/ResultsOrderTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/handler/ResultsOrderTest.java Wed Feb  2 13:49:43 2011
@@ -23,6 +23,7 @@ import org.apache.ws.security.WSConstant
 import org.apache.ws.security.WSSecurityEngineResult;
 
 import org.apache.ws.security.common.CustomHandler;
+import org.apache.ws.security.message.token.Timestamp;
 
 
 /**
@@ -40,16 +41,16 @@ public class ResultsOrderTest extends or
         
         java.util.List<WSSecurityEngineResult> results = new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SIGN, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SIGN, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -70,16 +71,16 @@ public class ResultsOrderTest extends or
         
         java.util.List<WSSecurityEngineResult> results = new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.SIGN, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SIGN, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -102,16 +103,16 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SIGN, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SIGN, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -134,16 +135,16 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SIGN, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SIGN, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -165,13 +166,13 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -193,16 +194,16 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SIGN, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SIGN, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.SC, (Object)null)
+            new WSSecurityEngineResult(WSConstants.SC, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -240,7 +241,7 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.TS, (Object)null)
+            new WSSecurityEngineResult(WSConstants.TS, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
@@ -259,13 +260,13 @@ public class ResultsOrderTest extends or
         java.util.List<WSSecurityEngineResult> results = 
             new java.util.ArrayList<WSSecurityEngineResult>();
         results.add(
-            new WSSecurityEngineResult(WSConstants.ENCR, (Object)null)
+            new WSSecurityEngineResult(WSConstants.ENCR, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.UT, (Object)null)
+            new WSSecurityEngineResult(WSConstants.UT, (Timestamp)null)
         );
         results.add(
-            new WSSecurityEngineResult(WSConstants.ENCR, (Object)null)
+            new WSSecurityEngineResult(WSConstants.ENCR, (Timestamp)null)
         );
         
         java.util.List<Integer> actions = new java.util.ArrayList<Integer>();

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlNegativeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlNegativeTest.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlNegativeTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlNegativeTest.java Wed Feb  2 13:49:43 2011
@@ -24,7 +24,6 @@ import org.apache.ws.security.saml.SAMLI
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSDataRef;
 import org.apache.ws.security.WSSecurityEngine;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.WSSecurityException;
@@ -41,12 +40,10 @@ import org.apache.ws.security.message.WS
 import org.apache.ws.security.message.WSSecSAMLToken;
 import org.apache.ws.security.saml.ext.AssertionWrapper;
 import org.apache.ws.security.saml.ext.SAMLCallback;
-import org.apache.ws.security.saml.ext.bean.KeyInfoBean;
 import org.apache.ws.security.saml.ext.bean.SubjectBean;
 import org.apache.ws.security.saml.ext.builder.SAML1Constants;
 import org.apache.ws.security.saml.ext.builder.SAML2Constants;
 import org.apache.ws.security.util.Loader;
-import org.apache.ws.security.util.WSSecurityUtil;
 import org.w3c.dom.Document;
 
 import javax.security.auth.callback.Callback;
@@ -330,7 +327,6 @@ public class SamlNegativeTest extends or
      * is rejected in processing as the signature on the assertion is not trusted.
      */
     @org.junit.Test
-    @SuppressWarnings("unchecked")
     public void testSAML2TrustFailure() throws Exception {
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setStatement(SAML2CallbackHandler.Statement.AUTHN);

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java Wed Feb  2 13:49:43 2011
@@ -23,11 +23,15 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSConfig;
 import org.apache.ws.security.WSSecurityEngine;
 import org.apache.ws.security.WSSecurityEngineResult;
+import org.apache.ws.security.common.CustomHandler;
 import org.apache.ws.security.common.SAML1CallbackHandler;
 import org.apache.ws.security.common.SAML2CallbackHandler;
 import org.apache.ws.security.common.SOAPUtil;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.message.WSSecHeader;
 import org.apache.ws.security.message.WSSecSAMLToken;
 import org.apache.ws.security.saml.SAMLIssuerFactory;
@@ -301,6 +305,48 @@ public class SamlTokenTest extends org.j
     }
 
     /**
+     * This test checks that an unsigned SAML1 sender-vouches authentication assertion
+     * can be created by the WSHandler implementation 
+     */
+    @org.junit.Test
+    public void testSaml1Action() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final int action = WSConstants.ST_UNSIGNED;
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put(WSHandlerConstants.SAML_PROP_FILE, "saml_sv.properties");
+        reqData.setMsgContext(config);
+        
+        final java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
+        actions.add(new Integer(action));
+        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        handler.send(
+            action, 
+            doc, 
+            reqData, 
+            actions,
+            true
+        );
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Unsigned SAML 1.1 authentication assertion via an Action:");
+            LOG.debug(outputString);
+        }
+        assertFalse (outputString.contains("Signature"));
+        
+        List<WSSecurityEngineResult> results = verify(doc);
+        WSSecurityEngineResult actionResult =
+            WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED);
+        AssertionWrapper receivedAssertion = 
+            (AssertionWrapper) actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+        assertTrue(receivedAssertion != null);
+        assert !receivedAssertion.isSigned();
+    }
+    
+    /**
      * Verifies the soap envelope
      * <p/>
      * 
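Review bot: The last check in testSaml1Action, `assert !receivedAssertion.isSigned();`, uses the Java `assert` statement, which only runs when the JVM has assertions enabled. The test can therefore pass without confirming that the received assertion is unsigned. Use the JUnit call the rest of the method already uses: `assertFalse(receivedAssertion.isSigned());`. Separately, `actionResult` is dereferenced without a check, so a missing ST_UNSIGNED result would show up as a NullPointerException rather than a test failure; adding `assertNotNull(actionResult);` before the `get` call makes that explicit. The check `outputString.contains("Signature")` is a coarse substring match on the serialized document, so `isSigned()` on the processed assertion should be treated as the authoritative one.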

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenHOKTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenHOKTest.java?rev=1066464&r1=1066463&r2=1066464&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenHOKTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SignedSamlTokenHOKTest.java Wed Feb  2 13:49:43 2011
@@ -19,7 +19,6 @@
 
 package org.apache.ws.security.saml;
 
-import org.apache.ws.security.saml.SAMLIssuerFactory;
 import org.apache.ws.security.saml.SAMLIssuer;
 
 import org.apache.commons.logging.Log;


