ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gi...@apache.org
Subject svn commit: r1490977 [1/4] - in /webservices/wss4j/trunk: ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/ ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/ ws-security-policy-stax/src/test/java/org/...
Date Sat, 08 Jun 2013 13:20:19 GMT
Author: giger
Date: Sat Jun  8 13:20:18 2013
New Revision: 1490977

URL: http://svn.apache.org/r1490977
Log:
- WSS-442
- Cleanup KeyIdentifier
- SecurityToken refactorings


Added:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509IssuerSerialTokenImpl.java
      - copied, changed from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SKISecurityTokenImpl.java
      - copied, changed from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509ThumbprintSHA1SecurityTokenImpl.java
      - copied, changed from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509V3SecurityTokenImpl.java
      - copied, changed from r1485168, webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
Removed:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ThumbprintSHA1SecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DataSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SubjectKeyIdentifierSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509_V3SecurityTokenImpl.java
Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcer.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/HttpsTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/IssuedTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KerberosTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/RelTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SamlTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecureConversationTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecurityContextTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SpnegoContextTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/UsernameTokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AsymmetricBindingIntegrationTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/IssuedTokenTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/KerberosTokenTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SamlTokenTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SupportingTokensTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/SymmetricBindingTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/TransportBindingIntegrationTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/UsernameTokenTest.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/InboundWSSecurityContextImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DerivedKeyTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SecurityTokenReferenceInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/DsaKeyValueSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/ECKeyValueSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/EncryptedKeySha1SecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/HttpsSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/KerberosServiceSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/RsaKeyValueSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecureConversationSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenFactoryImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SecurityTokenReferenceImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/UsernameSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509DefaultSecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509PKIPathv1SecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/X509SecurityTokenImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/securityToken/WSSecurityTokenConstants.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/BinarySecurityTokenValidatorImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SecurityContextTokenValidatorImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/InboundWSSecurityContextImplTest.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcer.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcer.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcer.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyEnforcer.java
Sat Jun  8 13:20:18 2013
@@ -126,6 +126,7 @@ public class PolicyEnforcer implements S
 
     public PolicyEnforcer(List<OperationPolicy> operationPolicies, String soapAction,
boolean initiator) throws WSSPolicyException {
         this.operationPolicies = operationPolicies;
+        this.initiator = initiator;
         assertionStateMap = new LinkedList<Map<SecurityEventConstants.Event, Map<Assertion,
List<Assertable>>>>();
         failedAssertionStateMap = new LinkedList<Map<SecurityEventConstants.Event,
Map<Assertion, List<Assertable>>>>();
 
@@ -135,7 +136,6 @@ public class PolicyEnforcer implements S
                 buildAssertionStateMap(effectivePolicy.getPolicy(), assertionStateMap);
             }
         }
-        this.initiator = initiator;
     }
 
     private OperationPolicy findPolicyBySOAPAction(List<OperationPolicy> operationPolicies,
String soapAction) {
@@ -268,27 +268,27 @@ public class PolicyEnforcer implements S
         } else if (abstractSecurityAssertion instanceof RequiredParts) {
             assertableList.add(new RequiredPartsAssertionState(abstractSecurityAssertion,
false));
         } else if (abstractSecurityAssertion instanceof UsernameToken) {
-            assertableList.add(new UsernameTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new UsernameTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof IssuedToken) {
-            assertableList.add(new IssuedTokenAssertionState(abstractSecurityAssertion, false));
+            assertableList.add(new IssuedTokenAssertionState(abstractSecurityAssertion, false,
initiator));
         } else if (abstractSecurityAssertion instanceof X509Token) {
-            assertableList.add(new X509TokenAssertionState(abstractSecurityAssertion, false));
+            assertableList.add(new X509TokenAssertionState(abstractSecurityAssertion, false,
initiator));
         } else if (abstractSecurityAssertion instanceof KerberosToken) {
-            assertableList.add(new KerberosTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new KerberosTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof SpnegoContextToken) {
-            assertableList.add(new SpnegoContextTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new SpnegoContextTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof SecureConversationToken) {
-            assertableList.add(new SecureConversationTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new SecureConversationTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof SecurityContextToken) {
-            assertableList.add(new SecurityContextTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new SecurityContextTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof SamlToken) {
-            assertableList.add(new SamlTokenAssertionState(abstractSecurityAssertion, false));
+            assertableList.add(new SamlTokenAssertionState(abstractSecurityAssertion, false,
initiator));
         } else if (abstractSecurityAssertion instanceof RelToken) {
-            assertableList.add(new RelTokenAssertionState(abstractSecurityAssertion, false));
+            assertableList.add(new RelTokenAssertionState(abstractSecurityAssertion, false,
initiator));
         } else if (abstractSecurityAssertion instanceof HttpsToken) {
-            assertableList.add(new HttpsTokenAssertionState(abstractSecurityAssertion, false));
+            assertableList.add(new HttpsTokenAssertionState(abstractSecurityAssertion, false,
initiator));
         } else if (abstractSecurityAssertion instanceof KeyValueToken) {
-            assertableList.add(new KeyValueTokenAssertionState(abstractSecurityAssertion,
false));
+            assertableList.add(new KeyValueTokenAssertionState(abstractSecurityAssertion,
false, initiator));
         } else if (abstractSecurityAssertion instanceof AlgorithmSuite) {
             //initialized with asserted=true because we do negative matching
             assertableList.add(new AlgorithmSuiteAssertionState(abstractSecurityAssertion,
true));

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/HttpsTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/HttpsTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/HttpsTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/HttpsTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -34,8 +34,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class HttpsTokenAssertionState extends TokenAssertionState {
 
-    public HttpsTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public HttpsTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/IssuedTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/IssuedTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/IssuedTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/IssuedTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -51,8 +51,8 @@ import java.util.Map;
 
 public class IssuedTokenAssertionState extends TokenAssertionState {
 
-    public IssuedTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public IssuedTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KerberosTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KerberosTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KerberosTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KerberosTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -36,8 +36,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class KerberosTokenAssertionState extends TokenAssertionState {
 
-    public KerberosTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public KerberosTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/KeyValueTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -35,8 +35,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class KeyValueTokenAssertionState extends TokenAssertionState {
 
-    public KeyValueTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public KeyValueTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/RelTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/RelTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/RelTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/RelTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -34,8 +34,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class RelTokenAssertionState extends TokenAssertionState {
 
-    public RelTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public RelTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SamlTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SamlTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SamlTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SamlTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -38,8 +38,8 @@ import org.apache.xml.security.stax.secu
 
 public class SamlTokenAssertionState extends TokenAssertionState {
 
-    public SamlTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public SamlTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecureConversationTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecureConversationTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecureConversationTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecureConversationTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -34,8 +34,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class SecureConversationTokenAssertionState extends TokenAssertionState {
 
-    public SecureConversationTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted) {
-        super(assertion, asserted);
+    public SecureConversationTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted, boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecurityContextTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecurityContextTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecurityContextTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SecurityContextTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -34,8 +34,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class SecurityContextTokenAssertionState extends TokenAssertionState {
 
-    public SecurityContextTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted) {
-        super(assertion, asserted);
+    public SecurityContextTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted, boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SpnegoContextTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SpnegoContextTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SpnegoContextTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/SpnegoContextTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -34,8 +34,8 @@ import org.apache.wss4j.stax.securityEve
 
 public class SpnegoContextTokenAssertionState extends TokenAssertionState {
 
-    public SpnegoContextTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted) {
-        super(assertion, asserted);
+    public SpnegoContextTokenAssertionState(AbstractSecurityAssertion assertion, boolean
asserted, boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -41,8 +41,11 @@ public abstract class TokenAssertionStat
     //todo? WSP1.3 5.2.3 Required Claims
     //todo derived keys?
 
-    public TokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted) {
+    private boolean initiator;
+
+    public TokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted, boolean
initiator) {
         super(assertion, asserted);
+        this.initiator = initiator;
     }
 
     @Override
@@ -65,7 +68,15 @@ public abstract class TokenAssertionStat
         while (tokenUsageIterator.hasNext()) {
             WSSecurityTokenConstants.TokenUsage tokenUsage = tokenUsageIterator.next();
             if (WSSecurityTokenConstants.TokenUsage_MainSignature.equals(tokenUsage)) {
-                if (!(parentAssertion instanceof InitiatorToken)
+                if (initiator && !(parentAssertion instanceof RecipientToken)
+                        && !(parentAssertion instanceof RecipientSignatureToken)
+                        && !(parentAssertion instanceof SignatureToken)
+                        && !(parentAssertion instanceof ProtectionToken)
+                        && !(parentAssertion instanceof TransportToken)) {
+                    ignoreToken++;
+                    continue loop;
+                }
+                else if (!initiator && !(parentAssertion instanceof InitiatorToken)
                         && !(parentAssertion instanceof InitiatorSignatureToken)
                         && !(parentAssertion instanceof SignatureToken)
                         && !(parentAssertion instanceof ProtectionToken)
@@ -76,7 +87,15 @@ public abstract class TokenAssertionStat
             } else if (WSSecurityTokenConstants.TokenUsage_Signature.equals(tokenUsage))
{
                     throw new WSSPolicyException("Illegal token usage!");
             } else if (WSSecurityTokenConstants.TokenUsage_MainEncryption.equals(tokenUsage))
{
-                if (!(parentAssertion instanceof RecipientToken)
+                if (initiator && !(parentAssertion instanceof InitiatorToken)
+                        && !(parentAssertion instanceof InitiatorEncryptionToken)
+                        && !(parentAssertion instanceof EncryptionToken)
+                        && !(parentAssertion instanceof ProtectionToken)
+                        && !(parentAssertion instanceof TransportToken)) {
+                    ignoreToken++;
+                    continue loop;
+                }
+                else if (!initiator && !(parentAssertion instanceof RecipientToken)
                         && !(parentAssertion instanceof RecipientEncryptionToken)
                         && !(parentAssertion instanceof EncryptionToken)
                         && !(parentAssertion instanceof ProtectionToken)
@@ -130,9 +149,40 @@ public abstract class TokenAssertionStat
         //WSP1.3, 5.1 Token Inclusion
         //todo do we need a global token cache to fullfill ".../IncludeToken/Once" ?
         SPConstants.IncludeTokenType includeTokenType = abstractToken.getIncludeTokenType();
-        if (includeTokenType == SPConstants.IncludeTokenType.INCLUDE_TOKEN_NEVER) {
-            setErrorMessage("Token must not be included");
-            asserted = false;
+        boolean isIncludedInMessage = tokenSecurityEvent.getSecurityToken().isIncludedInMessage();
+        switch (includeTokenType) {
+            case INCLUDE_TOKEN_NEVER:
+                if (isIncludedInMessage) {
+                    setErrorMessage("Token must not be included");
+                    asserted = false;
+                }
+                break;
+            case INCLUDE_TOKEN_ONCE:
+                break;
+            case INCLUDE_TOKEN_ALWAYS_TO_RECIPIENT:
+                if (initiator && isIncludedInMessage) {
+                    setErrorMessage("Token must not be included");
+                    asserted = false;
+                } else if (!initiator && !isIncludedInMessage) {
+                    setErrorMessage("Token must be included");
+                    asserted = false;
+                }
+                break;
+            case INCLUDE_TOKEN_ALWAYS_TO_INITIATOR:
+                if (initiator && !isIncludedInMessage) {
+                    setErrorMessage("Token must be included");
+                    asserted = false;
+                } else if (!initiator && isIncludedInMessage) {
+                    setErrorMessage("Token must not be included");
+                    asserted = false;
+                }
+                break;
+            case INCLUDE_TOKEN_ALWAYS:
+                if (!isIncludedInMessage) {
+                    setErrorMessage("Token must be included");
+                    asserted = false;
+                }
+                break;
         }
 
         //WSP1.3, 5.3 Token Properties

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -96,7 +96,8 @@ public class TokenProtectionAssertionSta
                     securityToken = securityToken.getKeyWrappingToken();
                 }
 
-                if (isSignatureToken(securityToken)) {
+                //a token can only be signed if it is included in the message:
+                if (securityToken.isIncludedInMessage() && isSignatureToken(securityToken))
{
                     //[WSP1.3_8.9]
                     boolean signsItsSignatureToken = signsItsSignatureToken(securityToken);
                     if (protectTokens && !signsItsSignatureToken) {
@@ -183,7 +184,7 @@ public class TokenProtectionAssertionSta
                     signingSecurityToken = signingSecurityToken.getKeyWrappingToken();
                 }
                 //todo ATM me just check if the token signs a signature but we don't know
if it's the main signature
-                if (signingSecurityToken == securityToken) {
+                if (signingSecurityToken != null && signingSecurityToken.getId().equals(securityToken.getId()))
{
                     return true;
                 }
             }
@@ -202,7 +203,7 @@ public class TokenProtectionAssertionSta
                     signingSecurityToken = signingSecurityToken.getKeyWrappingToken();
                 }
 
-                if (signingSecurityToken == securityToken) {
+                if (signingSecurityToken != null && signingSecurityToken.getId().equals(securityToken.getId()))
{
                     return true;
                 }
             }
@@ -234,7 +235,7 @@ public class TokenProtectionAssertionSta
                         while (elementSignatureToken != null && elementSignatureToken.getKeyWrappingToken()
!= null) {
                             elementSignatureToken = elementSignatureToken.getKeyWrappingToken();
                         }
-                        if (signedElementSecurityEvent.getSecurityToken() == securityToken)
{
+                        if (elementSignatureToken != null && elementSignatureToken.getId().equals(securityToken.getId()))
{
                             if (!signedElements.contains(signedElementSecurityEvent)) {
                                 signedElements.add(signedElementSecurityEvent);
                             }

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/UsernameTokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/UsernameTokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/UsernameTokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/UsernameTokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -37,8 +37,8 @@ import org.apache.xml.security.stax.secu
 
 public class UsernameTokenAssertionState extends TokenAssertionState {
 
-    public UsernameTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public UsernameTokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/X509TokenAssertionState.java
Sat Jun  8 13:20:18 2013
@@ -37,8 +37,8 @@ import java.security.cert.X509Certificat
 
 public class X509TokenAssertionState extends TokenAssertionState {
 
-    public X509TokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted)
{
-        super(assertion, asserted);
+    public X509TokenAssertionState(AbstractSecurityAssertion assertion, boolean asserted,
boolean initiator) {
+        super(assertion, asserted, initiator);
     }
 
     @Override

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java?rev=1490977&r1=1490976&r2=1490977&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/wss4j/policy/stax/test/AbstractPolicyTestBase.java
Sat Jun  8 13:20:18 2013
@@ -35,6 +35,7 @@ import org.apache.xml.security.binding.x
 import org.apache.xml.security.binding.xmldsig11.NamedCurveType;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.config.Init;
+import org.apache.xml.security.stax.impl.util.IDGenerator;
 import org.testng.annotations.BeforeClass;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -105,7 +106,10 @@ public class AbstractPolicyTestBase exte
         final KeyStore keyStore = KeyStore.getInstance("jks");
         keyStore.load(this.getClass().getClassLoader().getResourceAsStream("transmitter.jks"),
"default".toCharArray());
 
-        X509SecurityTokenImpl x509SecurityToken = new X509SecurityTokenImpl(tokenType, null,
null, null, "", WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null) {
+        X509SecurityTokenImpl x509SecurityToken =
+                new X509SecurityTokenImpl(
+                        tokenType, null, null, null, IDGenerator.generateID(null),
+                        WSSecurityTokenConstants.KeyIdentifier_ThumbprintIdentifier, null,
true) {
             @Override
             protected String getAlias() throws XMLSecurityException {
                 return keyAlias;
@@ -131,7 +135,9 @@ public class AbstractPolicyTestBase exte
     }
 
     public KerberosServiceSecurityTokenImpl getKerberosServiceSecurityToken(WSSecurityTokenConstants.TokenType
tokenType) throws Exception {
-        return new KerberosServiceSecurityTokenImpl(null, null, null, null, "", WSSecurityTokenConstants.KeyIdentifier_SecurityTokenReference);
+        return new KerberosServiceSecurityTokenImpl(
+                null, null, null, null, IDGenerator.generateID(null),
+                WSSecurityTokenConstants.KeyIdentifier_SecurityTokenDirectReference);
     }
 
     public HttpsSecurityTokenImpl getHttpsSecurityToken(WSSecurityTokenConstants.TokenType
tokenType) throws Exception {
@@ -139,17 +145,17 @@ public class AbstractPolicyTestBase exte
     }
 
     public RsaKeyValueSecurityTokenImpl getRsaKeyValueSecurityToken() throws Exception {
-        return new RsaKeyValueSecurityTokenImpl(null, null, WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
+        return new RsaKeyValueSecurityTokenImpl(null, null);
     }
 
     public DsaKeyValueSecurityTokenImpl getDsaKeyValueSecurityToken() throws Exception {
-        return new DsaKeyValueSecurityTokenImpl(null, null, WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
+        return new DsaKeyValueSecurityTokenImpl(null, null);
     }
 
     public ECKeyValueSecurityTokenImpl getECKeyValueSecurityToken() throws Exception {
         ECKeyValueType ecKeyValueType = new ECKeyValueType();
         ecKeyValueType.setNamedCurve(new NamedCurveType());
-        return new ECKeyValueSecurityTokenImpl(ecKeyValueType, null, WSSecurityTokenConstants.KeyIdentifier_EmbeddedKeyIdentifierRef);
+        return new ECKeyValueSecurityTokenImpl(ecKeyValueType, null);
     }
 
     protected String loadResourceAsString(String resource, String encoding) throws IOException
{



Mime
View raw message