ws-commits mailing list archives

From gi...@apache.org
Subject svn commit: r1492536 - /webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
Date Thu, 13 Jun 2013 06:39:12 GMT
Author: giger
Date: Thu Jun 13 06:39:11 2013
New Revision: 1492536

URL: http://svn.apache.org/r1492536
Log:
WSS-454 - TokenProtection error 

Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java?rev=1492536&r1=1492535&r2=1492536&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
Thu Jun 13 06:39:11 2013
@@ -35,7 +35,7 @@ import org.apache.xml.security.stax.secu
 import org.apache.xml.security.stax.securityToken.SecurityToken;
 
 import javax.xml.namespace.QName;
-import java.util.Iterator;
+import java.util.ArrayList;
 import java.util.LinkedList;
 import java.util.List;
 
@@ -44,9 +44,9 @@ import java.util.List;
  */
 public class TokenProtectionAssertionState extends AssertionState implements Assertable {
 
-    private final List<SignedElementSecurityEvent> signedElementEvents = new LinkedList<SignedElementSecurityEvent>();
-    private final List<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEvents
=
-            new LinkedList<TokenSecurityEvent<? extends SecurityToken>>();
+    private final ArrayList<SignedElementSecurityEvent> signedElementEvents = new ArrayList<SignedElementSecurityEvent>();
+    private final ArrayList<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEvents
=
+            new ArrayList<TokenSecurityEvent<? extends SecurityToken>>();
 
     public TokenProtectionAssertionState(Assertion assertion, boolean initialAssertionState)
{
         super(assertion, initialAssertionState);
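Review bot: The two event lists are now declared with the concrete type `ArrayList` instead of `List`, which ties the fields to one implementation without gaining anything, since the `size()` and `get(int)` calls used by the new indexed loops are both on `List`. I would keep the interface on the left-hand side, `private final List<SignedElementSecurityEvent> signedElementEvents = new ArrayList<SignedElementSecurityEvent>();`, and likewise for `tokenSecurityEvents`. If the concrete type is meant to signal that constant-time indexed access is required, a one-line comment such as `// ArrayList: the indexed loops below rely on O(1) get(i)` states that more directly. The class body continues outside this hunk.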
@@ -88,9 +88,8 @@ public class TokenProtectionAssertionSta
                 = (TokenSecurityEvent<? extends SecurityToken>) securityEvent;
             tokenSecurityEvents.add(tokenSecurityEvent);
         } else { //Operation
-            Iterator<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEventIterator
= tokenSecurityEvents.iterator();
-            while (tokenSecurityEventIterator.hasNext()) {
-                TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEventIterator.next();
+            for (int i = 0; i < tokenSecurityEvents.size(); i++) {
+                TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEvents.get(i);
 
                 SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
                 while (securityToken.getKeyWrappingToken() != null) {
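Review bot: The iterator loop over `tokenSecurityEvents` becomes an indexed loop that re-reads `size()` on every pass, and neither the log message nor the code says why; the same rewrite is repeated in the hunks at -176, -194, -216 and -228. If the intent is to tolerate events being appended while the list is walked (an assumption, nothing visible here confirms it), that should be recorded with a comment such as `// indexed on purpose: the list may grow while we iterate`. If there is no such reason, `for (TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent : tokenSecurityEvents) {` is shorter and does not depend on the list implementation. The enclosing method starts and ends outside this hunk.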
@@ -176,9 +175,8 @@ public class TokenProtectionAssertionSta
         signaturePath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
         signaturePath.add(WSSConstants.TAG_dsig_Signature);
 
-        Iterator<SignedElementSecurityEvent> securityEventIterator = signedElementEvents.iterator();
-        while (securityEventIterator.hasNext()) {
-            SignedElementSecurityEvent signedElementSecurityEvent = securityEventIterator.next();
+        for (int i = 0; i < signedElementEvents.size(); i++) {
+            SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(i);
             if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(), signaturePath,
true, false)) {
                 SecurityToken signingSecurityToken = signedElementSecurityEvent.getSecurityToken();
                 while (signingSecurityToken != null && signingSecurityToken.getKeyWrappingToken()
!= null) {
@@ -194,9 +192,8 @@ public class TokenProtectionAssertionSta
     }
 
     private boolean signsItsSignatureToken(SecurityToken securityToken) throws XMLSecurityException
{
-        Iterator<SignedElementSecurityEvent> securityEventIterator = signedElementEvents.iterator();
-        while (securityEventIterator.hasNext()) {
-            SignedElementSecurityEvent signedElementSecurityEvent = securityEventIterator.next();
+        for (int i = 0; i < signedElementEvents.size(); i++) {
+            SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(i);
             if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(), securityToken.getElementPath(),
false, false)) {
 
                 SecurityToken signingSecurityToken = signedElementSecurityEvent.getSecurityToken();
@@ -205,7 +202,22 @@ public class TokenProtectionAssertionSta
                 }
 
                 if (signingSecurityToken != null && signingSecurityToken.getId().equals(securityToken.getId()))
{
-                    return true;
+                    //ok we've found the correlating signedElementSecurityEvent. Now we have
to find the Token that
+                    //is covered by this signedElementSecurityEvent:
+                    for (int j = 0; j < tokenSecurityEvents.size(); j++) {
+                        TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent
= tokenSecurityEvents.get(j);
+                        SecurityToken st = tokenSecurityEvent.getSecurityToken();
+                        while (st.getKeyWrappingToken() != null) {
+                            st = st.getKeyWrappingToken();
+                        }
+                        if (signedElementSecurityEvent.getXmlSecEvent() == st.getXMLSecEvent())
{
+                            //...and we got the covered token
+                            //next we have to see if the token is the same:
+                            if (st.getId().equals(securityToken.getId())) { //NOPMD
+                                return true;
+                            }
+                        }
+                    }
                 }
             }
         }
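Review bot: The new correlation step compares `signedElementSecurityEvent.getXmlSecEvent() == st.getXMLSecEvent()` by reference with no null guard, so if both getters can return null the comparison is true for every token. The check would then fall back to the id-only match this commit sets out to tighten. Since this is a policy-enforcement path, I would make it fail closed and fold the nested `if` (which also removes the `//NOPMD`): `if (st.getXMLSecEvent() != null && st.getXMLSecEvent() == signedElementSecurityEvent.getXmlSecEvent() && st.getId().equals(securityToken.getId())) {`, with a short comment saying that identity comparison is intended. The commit lists only this one file as modified, so a regression test with two tokens sharing an element path, only one of them covered by its own signature, appears to be missing. `signsItsSignatureToken` begins before this hunk and its end is not visible in it.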
@@ -216,9 +228,9 @@ public class TokenProtectionAssertionSta
 
         List<SecurityToken> signedSupportingTokens = new LinkedList<SecurityToken>();
         List<SignedElementSecurityEvent> signedElements = new LinkedList<SignedElementSecurityEvent>();
-        Iterator<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEventIterator
= tokenSecurityEvents.iterator();
-        while (tokenSecurityEventIterator.hasNext()) {
-            TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEventIterator.next();
+
+        for (int i = 0; i < tokenSecurityEvents.size(); i++) {
+            TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEvents.get(i);
             SecurityToken supportingToken = tokenSecurityEvent.getSecurityToken();
             if (isSignedSupportingToken(supportingToken)) {
                 if (signedSupportingTokens.contains(supportingToken)) {
@@ -228,9 +240,8 @@ public class TokenProtectionAssertionSta
                 List<QName> elementPath = supportingToken.getElementPath();
 
                 boolean found = false;
-                Iterator<SignedElementSecurityEvent> signedElementSecurityEventIterator
= signedElementEvents.iterator();
-                while (signedElementSecurityEventIterator.hasNext()) {
-                    SignedElementSecurityEvent signedElementSecurityEvent = signedElementSecurityEventIterator.next();
+                for (int j = 0; j < signedElementEvents.size(); j++) {
+                    SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(j);
                     if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(),
elementPath, false, false)) {
                         SecurityToken elementSignatureToken = signedElementSecurityEvent.getSecurityToken();
                         while (elementSignatureToken != null && elementSignatureToken.getKeyWrappingToken()
!= null) {


