From cohei...@apache.org
Subject svn commit: r1445567 - in /webservices/wss4j/branches/1_6_x-fixes/src: main/java/org/apache/ws/security/action/ main/java/org/apache/ws/security/handler/ test/java/org/apache/ws/security/message/
Date Wed, 13 Feb 2013 12:17:45 GMT
Author: coheigea
Date: Wed Feb 13 12:17:44 2013
New Revision: 1445567

URL: http://svn.apache.org/r1445567
Log:
[WSS-424] - Signature Element is not inserted in the correct place in the header in certain
circumstances

Modified:
    webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/action/SignatureAction.java
    webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
    webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
    webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/SignatureTest.java

Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/action/SignatureAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/action/SignatureAction.java?rev=1445567&r1=1445566&r2=1445567&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/action/SignatureAction.java
(original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/action/SignatureAction.java
Wed Feb 13 12:17:44 2013
@@ -30,7 +30,6 @@ import org.apache.ws.security.WSSecurity
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.handler.WSHandler;
 import org.apache.ws.security.message.WSSecSignature;
-import org.apache.ws.security.util.WSSecurityUtil;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -75,17 +74,22 @@ public class SignatureAction implements 
                 } else if (reqData.isAppendSignatureAfterTimestamp()
                         && WSConstants.WSU_NS.equals(part.getNamespace()) 
                         && "Timestamp".equals(part.getName())) {
-                    List<Element> elements = 
-                        WSSecurityUtil.findElements(
-                            doc.getDocumentElement(), part.getName(), part.getNamespace()
-                        );
-                    if (elements != null && !elements.isEmpty()) {
-                        Element timestampElement = elements.get(0);
-                        Node child = timestampElement.getNextSibling();
-                        while (child != null && child.getNodeType() != Node.ELEMENT_NODE)
{
-                            child = child.getNextSibling();
+                    int originalSignatureActionIndex = 
+                        reqData.getOriginalSignatureActionPosition();
+                    // Need to figure out where to put the Signature Element in the header
+                    if (originalSignatureActionIndex > 0) {
+                        Element secHeader = reqData.getSecHeader().getSecurityHeader();
+                        Node lastChild = secHeader.getLastChild();
+                        int count = 0;
+                        while (lastChild != null && count < originalSignatureActionIndex)
{
+                            while (lastChild != null && lastChild.getNodeType() !=
Node.ELEMENT_NODE) {
+                                lastChild = lastChild.getPreviousSibling();
+                            }
+                            count++;
+                        }
+                        if (lastChild instanceof Element) {
+                            siblingElementToPrepend = (Element)lastChild;
                         }
-                        siblingElementToPrepend = (Element)child;
                     }
                 }
             }
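Review bot: The outer `while` in the new block never moves `lastChild` past an element node. The inner loop only skips non-element nodes, so once it lands on the last element every further pass just increments `count`, and any `originalSignatureActionIndex` greater than 0 selects the same last element child of the security header. If the intent is to walk back one header element per preceding action, a step is needed after `count++`, for example `if (lastChild != null && count < originalSignatureActionIndex) { lastChild = lastChild.getPreviousSibling(); }`. Even with that step the count assumes each preceding action added exactly one element to the header, which is not visible here; because the order of `Signature` relative to the encryption elements is what a receiver uses to decide processing order, that assumption deserves a comment. The enclosing method begins and ends outside this hunk.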

Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java?rev=1445567&r1=1445566&r2=1445567&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
(original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/RequestData.java
Wed Feb 13 12:17:44 2013
@@ -86,6 +86,7 @@ public class RequestData {
     private ReplayCache nonceReplayCache;
     private Collection<Pattern> subjectDNPatterns = new ArrayList<Pattern>();
     private boolean appendSignatureAfterTimestamp;
+    private int originalSignatureActionPosition;
     private AlgorithmSuite algorithmSuite;
     private AlgorithmSuite samlAlgorithmSuite;
 
@@ -116,6 +117,7 @@ public class RequestData {
         appendSignatureAfterTimestamp = false;
         algorithmSuite = null;
         samlAlgorithmSuite = null;
+        setOriginalSignatureActionPosition(0);
     }
 
     public Object getMsgContext() {
@@ -542,5 +544,13 @@ public class RequestData {
     public void setSamlAlgorithmSuite(AlgorithmSuite samlAlgorithmSuite) {
         this.samlAlgorithmSuite = samlAlgorithmSuite;
     }
+
+    public int getOriginalSignatureActionPosition() {
+        return originalSignatureActionPosition;
+    }
+
+    public void setOriginalSignatureActionPosition(int originalSignatureActionPosition) {
+        this.originalSignatureActionPosition = originalSignatureActionPosition;
+    }
         
 }
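Review bot: The new `getOriginalSignatureActionPosition` / `setOriginalSignatureActionPosition` accessors have no Javadoc, and the value 0 is ambiguous: it is the reset value written by `setOriginalSignatureActionPosition(0)` in the earlier hunk and also the real index when SIGN is the first configured action. The consumer in SignatureAction only acts on values greater than 0, so the two cases cannot be told apart. Either document this on the getter, for example `/** Index of SIGN in the configured action list before it was moved behind the Timestamp; 0 means no repositioning is applied. */`, or use -1 as the unset value. The class body continues outside this hunk.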

Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java?rev=1445567&r1=1445566&r2=1445567&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
(original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/handler/WSHandler.java
Wed Feb 13 12:17:44 2013
@@ -204,9 +204,11 @@ public abstract class WSHandler {
             if (signTimestamp) {
                 actionsToPerform = new ArrayList<Integer>(actions);
                 Collections.copy(actionsToPerform, actions);
-                actionsToPerform.remove(actions.indexOf(WSConstants.SIGN));
+                int signatureIndex = actions.indexOf(WSConstants.SIGN);
+                actionsToPerform.remove(signatureIndex);
                 actionsToPerform.add(WSConstants.SIGN);
                 reqData.setAppendSignatureAfterTimestamp(true);
+                reqData.setOriginalSignatureActionPosition(signatureIndex);
             }
         }
         

Modified: webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/SignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/SignatureTest.java?rev=1445567&r1=1445566&r2=1445567&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/SignatureTest.java
(original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/SignatureTest.java
Wed Feb 13 12:17:44 2013
@@ -726,6 +726,84 @@ public class SignatureTest extends org.j
         List<WSSecurityEngineResult> results = verify(doc);
         assertTrue(handler.checkResults(results, actions));
     }
+    
+    @org.junit.Test
+    public void
+    testSignatureEncryptTimestampOrder() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final int action = WSConstants.SIGN | WSConstants.ENCR | WSConstants.TS;
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
+        
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
+        config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto.properties");
+        config.put("password", "security");
+        config.put(
+            WSHandlerConstants.SIGNATURE_PARTS, "{}{" + WSConstants.WSU_NS + "}Timestamp"
+        );
+        reqData.setMsgContext(config);
+        
+        final java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
+        actions.add(Integer.valueOf(WSConstants.SIGN));
+        actions.add(Integer.valueOf(WSConstants.ENCR));
+        actions.add(Integer.valueOf(WSConstants.TS));
+        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        handler.send(
+            action, 
+            doc, 
+            reqData, 
+            actions,
+            true
+        );
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Signed message:");
+            LOG.debug(outputString);
+        }
+    }
+    
+    @org.junit.Test
+    public void
+    testEncryptSignatureTimestampOrder() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final int action = WSConstants.ENCR | WSConstants.SIGN | WSConstants.TS;
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
+        
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
+        config.put(WSHandlerConstants.ENC_PROP_FILE, "crypto.properties");
+        config.put("password", "security");
+        config.put(
+            WSHandlerConstants.SIGNATURE_PARTS, "{}{" + WSConstants.WSU_NS + "}Timestamp"
+        );
+        reqData.setMsgContext(config);
+        
+        final java.util.List<Integer> actions = new java.util.ArrayList<Integer>();
+        actions.add(Integer.valueOf(WSConstants.ENCR));
+        actions.add(Integer.valueOf(WSConstants.SIGN));
+        actions.add(Integer.valueOf(WSConstants.TS));
+        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        handler.send(
+            action, 
+            doc, 
+            reqData, 
+            actions,
+            true
+        );
+        String outputString = 
+            org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Signed message:");
+            LOG.debug(outputString);
+        }
+    }
 
     /**
      * Verifies the soap envelope.
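Review bot: Neither `testSignatureEncryptTimestampOrder` nor `testEncryptSignatureTimestampOrder` asserts anything. Both build the message and only log it at debug level, so they pass wherever the Signature element ends up in the header. After `handler.send(...)` each test should walk the element children of the security header and assert the expected order of their local names for that action sequence. It should also run the message through `verify(doc)` as the preceding test does, so a misplaced Signature that breaks processing is caught. The two bodies differ only in the order of the actions and could share one private helper that takes the action list and the expected element order.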


