ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1102245 - in /webservices/wss4j/trunk/src: main/java/org/apache/ws/security/message/WSSecEncrypt.java main/java/org/apache/ws/security/processor/ReferenceListProcessor.java test/java/org/apache/ws/security/message/EncryptionPartsTest.java
Date Thu, 12 May 2011 11:27:19 GMT
Author: coheigea
Date: Thu May 12 11:27:19 2011
New Revision: 1102245

URL: http://svn.apache.org/viewvc?rev=1102245&view=rev
Log:
[WSS-284] - Improvements to wsse11:EncryptedHeader support

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
    webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
Thu May 12 11:27:19 2011
@@ -38,6 +38,7 @@ import org.w3c.dom.Attr;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
 
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
@@ -297,7 +298,6 @@ public class WSSecEncrypt extends WSSecE
         return doc;
     }
     
-    
     /**
      * Encrypt one or more parts or elements of the message.
      * 
@@ -319,8 +319,10 @@ public class WSSecEncrypt extends WSSecE
      * @return Returns the updated <code>xenc:Reference</code> element
      * @throws WSSecurityException
      */
-    public Element encryptForRef(Element dataRef, List<WSEncryptionPart> references)
-        throws WSSecurityException {
+    public Element encryptForRef(
+        Element dataRef, 
+        List<WSEncryptionPart> references
+    ) throws WSSecurityException {
 
         KeyInfo keyInfo = createKeyInfo();
         List<String> encDataRefs = 
@@ -389,7 +391,6 @@ public class WSSecEncrypt extends WSSecE
         WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), dataRef);
     }
 
-
     /**
      * Perform encryption on the SOAP envelope.
      * @param doc The document containing the SOAP envelope as document element
@@ -443,7 +444,7 @@ public class WSSecEncrypt extends WSSecE
             for (Element elementToEncrypt : elementsToEncrypt) {
                 String id = 
                     encryptElement(doc, elementToEncrypt, modifier, config, xmlCipher, 
-                                secretKey, keyInfo);
+                                   secretKey, keyInfo);
                 encPart.setEncId(id);
                 encDataRef.add("#" + id);
             }
@@ -481,6 +482,7 @@ public class WSSecEncrypt extends WSSecE
         String xencEncryptedDataId = 
             config.getIdAllocator().createId("ED-", elementToEncrypt);
         try {
+            String headerId = "";
             if (modifier.equals("Header")) {
                 Element elem = 
                     doc.createElementNS(
@@ -489,22 +491,21 @@ public class WSSecEncrypt extends WSSecE
                 WSSecurityUtil.setNamespace(elem, WSConstants.WSSE11_NS, WSConstants.WSSE11_PREFIX);
                 String wsuPrefix = 
                     WSSecurityUtil.setNamespace(elem, WSConstants.WSU_NS, WSConstants.WSU_PREFIX);
+                headerId = config.getIdAllocator().createId("EH-", elementToEncrypt);
                 elem.setAttributeNS(
-                    WSConstants.WSU_NS, wsuPrefix + ":Id", 
-                    config.getIdAllocator().createId("EH-", elementToEncrypt)
+                    WSConstants.WSU_NS, wsuPrefix + ":Id", headerId
                 );
                 //
                 // Add the EncryptedHeader node to the element to be encrypted's parent
                 // (i.e. the SOAP header). Add the element to be encrypted to the Encrypted
                 // Header node as well
                 //
-                elementToEncrypt.getParentNode().appendChild(elem);
-                elementToEncrypt = 
-                    (Element)elementToEncrypt.getParentNode().removeChild(elementToEncrypt);
-                elementToEncrypt = (Element)elem.appendChild(elementToEncrypt);
+                Node parent = elementToEncrypt.getParentNode();
+                elementToEncrypt = (Element)parent.replaceChild(elem, elementToEncrypt);
+                elem.appendChild(elementToEncrypt);
                 
                 NamedNodeMap map = elementToEncrypt.getAttributes();
-                for (int i = 0 ; i < map.getLength() ; i++) {
+                for (int i = 0; i < map.getLength(); i++) {
                     Attr attr = (Attr)map.item(i);
                     if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
                         || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) { 
                       
@@ -556,16 +557,12 @@ public class WSSecEncrypt extends WSSecE
         } else if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customReferenceValue)) {
             SecurityTokenReference secToken = new SecurityTokenReference(document);
             secToken.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
-            secToken.setKeyIdentifier(
-                WSConstants.WSS_SAML_KI_VALUE_TYPE, (encKeyIdDirectId ? "":"#") + encKeyId
-            );
+            secToken.setKeyIdentifier(WSConstants.WSS_SAML_KI_VALUE_TYPE, encKeyId);
             keyInfo.addUnknownElement(secToken.getElement());
         } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customReferenceValue)) {
             SecurityTokenReference secToken = new SecurityTokenReference(document);
             secToken.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
-            secToken.setKeyIdentifier(
-                WSConstants.WSS_SAML2_KI_VALUE_TYPE, (encKeyIdDirectId ? "":"#") + encKeyId
-            );
+            secToken.setKeyIdentifier(WSConstants.WSS_SAML2_KI_VALUE_TYPE, encKeyId);
             keyInfo.addUnknownElement(secToken.getElement());
         } else if (securityTokenReference != null) {
             Element tmpE = securityTokenReference.getElement();

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/ReferenceListProcessor.java
Thu May 12 11:27:19 2011
@@ -243,6 +243,14 @@ public class ReferenceListProcessor impl
                 WSSecurityException.INVALID_SECURITY, "dataRef", new Object[] {dataRefURI}
             );
         }
+        if (encryptedDataElement.getLocalName().equals(WSConstants.ENCRYPTED_HEADER)
+            && encryptedDataElement.getNamespaceURI().equals(WSConstants.WSSE11_NS))
{
+            Node child = encryptedDataElement.getFirstChild();
+            while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
+                child = child.getNextSibling();
+            }
+            return (Element)child;
+        }
         return encryptedDataElement;
     }
 
@@ -297,11 +305,11 @@ public class ReferenceListProcessor impl
             && parent.getNamespaceURI().equals(WSConstants.WSSE11_NS)) {
                 
             Node decryptedHeader = parent.getFirstChild();
-            Element decryptedHeaderClone = (Element)decryptedHeader.cloneNode(true);    
       
-            parent.getParentNode().appendChild(decryptedHeaderClone);
-            parent.getParentNode().removeChild(parent);
-            dataRef.setProtectedElement(decryptedHeaderClone);
-            dataRef.setXpath(getXPath(decryptedHeaderClone));
+            Node soapHeader = parent.getParentNode();
+            soapHeader.replaceChild(decryptedHeader, parent);
+
+            dataRef.setProtectedElement((Element)decryptedHeader);
+            dataRef.setXpath(getXPath(decryptedHeader));
         } else if (content) {
             dataRef.setProtectedElement(encData);
             dataRef.setXpath(getXPath(encData));

Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java?rev=1102245&r1=1102244&r2=1102245&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
(original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/EncryptionPartsTest.java
Thu May 12 11:27:19 2011
@@ -51,7 +51,9 @@ public class EncryptionPartsTest extends
     private static final String SOAPMSG = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+
             "<soapenv:Envelope xmlns:foo=\"urn:foo.bar\" xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"
xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">"
+
             "   <soapenv:Header>" +
+            "       <foo:bar1>baz1</foo:bar1>" + 
             "       <foo:foobar>baz</foo:foobar>" + 
+            "       <foo:bar2>baz2</foo:bar2>" +
             "   </soapenv:Header>" +
             "   <soapenv:Body>" +
             "      <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\"></ns1:testMethod>"
+



Mime
View raw message