ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1162806 - in /webservices/wss4j/trunk/src/main/java/org/apache/ws/security: message/token/SecurityContextToken.java processor/SecurityContextTokenProcessor.java validate/Credential.java
Date Mon, 29 Aug 2011 13:57:21 GMT
Author: coheigea
Date: Mon Aug 29 13:57:20 2011
New Revision: 1162806

URL: http://svn.apache.org/viewvc?rev=1162806&view=rev
Log:
Add the ability to use a Validator implementation to validate a SecurityContextToken

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityContextToken.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SecurityContextTokenProcessor.java
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/Credential.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityContextToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityContextToken.java?rev=1162806&r1=1162805&r2=1162806&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityContextToken.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/token/SecurityContextToken.java
Mon Aug 29 13:57:20 2011
@@ -191,7 +191,7 @@ public class SecurityContextToken {
     /**
      * Returns the dom element of this <code>SecurityContextToken</code> object.
      *
-     * @return the <code>wsse:UsernameToken</code> element
+     * @return the <code>wsse:SecurityContextToken</code> element
      */
     public Element getElement() {
         return element;

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SecurityContextTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SecurityContextTokenProcessor.java?rev=1162806&r1=1162805&r2=1162806&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SecurityContextTokenProcessor.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/processor/SecurityContextTokenProcessor.java
Mon Aug 29 13:57:20 2011
@@ -26,11 +26,14 @@ import org.apache.ws.security.WSSecurity
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.message.token.SecurityContextToken;
+import org.apache.ws.security.validate.Credential;
+import org.apache.ws.security.validate.Validator;
 import org.w3c.dom.Element;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.xml.namespace.QName;
 
 import java.util.List;
 import java.io.IOException;
@@ -48,13 +51,28 @@ public class SecurityContextTokenProcess
         WSDocInfo wsDocInfo 
     ) throws WSSecurityException {
         SecurityContextToken sct = new SecurityContextToken(elem);
-        byte[] secret = getSecret(data.getCallbackHandler(), sct);
         
+        Validator validator = 
+            data.getValidator(new QName(elem.getNamespaceURI(), elem.getLocalName()));
+
         WSSecurityEngineResult result =
             new WSSecurityEngineResult(WSConstants.SCT, sct);
+        if (validator != null) {
+            // Hook to allow the user to validate the SecurityContextToken
+            Credential credential = new Credential();
+            credential.setSecurityContextToken(sct);
+            
+            Credential returnedCredential = validator.validate(credential, data);
+            result.put(WSSecurityEngineResult.TAG_VALIDATED_TOKEN, Boolean.TRUE);
+            result.put(WSSecurityEngineResult.TAG_ID, sct.getID());
+            result.put(WSSecurityEngineResult.TAG_SECRET, returnedCredential.getSecretKey());
+        } else {
+            byte[] secret = getSecret(data.getCallbackHandler(), sct);
+            result.put(WSSecurityEngineResult.TAG_ID, sct.getID());
+            result.put(WSSecurityEngineResult.TAG_SECRET, secret);
+        }
+        
         wsDocInfo.addTokenElement(elem);
-        result.put(WSSecurityEngineResult.TAG_ID, sct.getID());
-        result.put(WSSecurityEngineResult.TAG_SECRET, secret);
         wsDocInfo.addResult(result);
         return java.util.Collections.singletonList(result);
     }

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/Credential.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/Credential.java?rev=1162806&r1=1162805&r2=1162806&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/Credential.java
(original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/Credential.java
Mon Aug 29 13:57:20 2011
@@ -24,6 +24,7 @@ import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 
 import org.apache.ws.security.message.token.BinarySecurity;
+import org.apache.ws.security.message.token.SecurityContextToken;
 import org.apache.ws.security.message.token.Timestamp;
 import org.apache.ws.security.message.token.UsernameToken;
 import org.apache.ws.security.saml.ext.AssertionWrapper;
@@ -42,10 +43,27 @@ public class Credential {
     private BinarySecurity binarySecurityToken;
     private AssertionWrapper assertion;
     private AssertionWrapper transformedToken;
+    private SecurityContextToken securityContextToken;
     private Principal principal;
     private byte[] secretKey;
     
     /**
+     * Set a SecurityContextToken to be validated
+     * @param securityContextToken a SecurityContextToken to be validated
+     */
+    public void setSecurityContextToken(SecurityContextToken securityContextToken) {
+        this.securityContextToken = securityContextToken;
+    }
+    
+    /**
+     * Get a SecurityContextToken to be validated
+     * @return a SecurityContextToken to be validated
+     */
+    public SecurityContextToken getSecurityContextToken() {
+        return securityContextToken;
+    }
+    
+    /**
      * Set a SecretKey (byte[]) to be validated
      * @param secretKey a SecretKey (byte) to be validated
      */



Mime
View raw message