Author: giger
Date: Thu Jun 13 06:39:11 2013
New Revision: 1492536
URL: http://svn.apache.org/r1492536
Log:
WSS-454 - TokenProtection error
Modified:
webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java?rev=1492536&r1=1492535&r2=1492536&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/assertionStates/TokenProtectionAssertionState.java
Thu Jun 13 06:39:11 2013
@@ -35,7 +35,7 @@ import org.apache.xml.security.stax.secu
import org.apache.xml.security.stax.securityToken.SecurityToken;
import javax.xml.namespace.QName;
-import java.util.Iterator;
+import java.util.ArrayList;
import java.util.LinkedList;
import java.util.List;
@@ -44,9 +44,9 @@ import java.util.List;
*/
public class TokenProtectionAssertionState extends AssertionState implements Assertable {
- private final List<SignedElementSecurityEvent> signedElementEvents = new LinkedList<SignedElementSecurityEvent>();
- private final List<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEvents
=
- new LinkedList<TokenSecurityEvent<? extends SecurityToken>>();
+ private final ArrayList<SignedElementSecurityEvent> signedElementEvents = new ArrayList<SignedElementSecurityEvent>();
+ private final ArrayList<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEvents
=
+ new ArrayList<TokenSecurityEvent<? extends SecurityToken>>();
public TokenProtectionAssertionState(Assertion assertion, boolean initialAssertionState)
{
super(assertion, initialAssertionState);
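Review bot: The two fields at the top of the class are now declared with the concrete type `ArrayList` instead of `List`, and nothing in the diff says why. Presumably this is to guarantee constant-time `get(i)` for the indexed loops introduced further down. If so, a comment on the declarations such as `// ArrayList on purpose: walked by index, needs O(1) get(i)` would stop a later cleanup from reverting them to `List`/`LinkedList` and making those loops quadratic.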
@@ -88,9 +88,8 @@ public class TokenProtectionAssertionSta
= (TokenSecurityEvent<? extends SecurityToken>) securityEvent;
tokenSecurityEvents.add(tokenSecurityEvent);
} else { //Operation
- Iterator<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEventIterator
= tokenSecurityEvents.iterator();
- while (tokenSecurityEventIterator.hasNext()) {
- TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEventIterator.next();
+ for (int i = 0; i < tokenSecurityEvents.size(); i++) {
+ TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEvents.get(i);
SecurityToken securityToken = tokenSecurityEvent.getSecurityToken();
while (securityToken.getKeyWrappingToken() != null) {
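Review bot: The index-based loop here, and the same rewrite in the hunks at -176, -194, -216 and -228, replaces an iterator without the log message saying what it buys. If the aim is only to avoid iterator allocation, an enhanced `for (TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent : tokenSecurityEvents)` reads better. If the aim is to tolerate events being appended while the list is walked, that should be stated in a comment, because `size()` is re-read on every pass. The enclosing method begins and ends outside the hunk, so whether the list can grow during the loop is not visible here.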
@@ -176,9 +175,8 @@ public class TokenProtectionAssertionSta
signaturePath.addAll(WSSConstants.WSSE_SECURITY_HEADER_PATH);
signaturePath.add(WSSConstants.TAG_dsig_Signature);
- Iterator<SignedElementSecurityEvent> securityEventIterator = signedElementEvents.iterator();
- while (securityEventIterator.hasNext()) {
- SignedElementSecurityEvent signedElementSecurityEvent = securityEventIterator.next();
+ for (int i = 0; i < signedElementEvents.size(); i++) {
+ SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(i);
if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(), signaturePath,
true, false)) {
SecurityToken signingSecurityToken = signedElementSecurityEvent.getSecurityToken();
while (signingSecurityToken != null && signingSecurityToken.getKeyWrappingToken()
!= null) {
@@ -194,9 +192,8 @@ public class TokenProtectionAssertionSta
}
private boolean signsItsSignatureToken(SecurityToken securityToken) throws XMLSecurityException
{
- Iterator<SignedElementSecurityEvent> securityEventIterator = signedElementEvents.iterator();
- while (securityEventIterator.hasNext()) {
- SignedElementSecurityEvent signedElementSecurityEvent = securityEventIterator.next();
+ for (int i = 0; i < signedElementEvents.size(); i++) {
+ SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(i);
if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(), securityToken.getElementPath(),
false, false)) {
SecurityToken signingSecurityToken = signedElementSecurityEvent.getSecurityToken();
@@ -205,7 +202,22 @@ public class TokenProtectionAssertionSta
}
if (signingSecurityToken != null && signingSecurityToken.getId().equals(securityToken.getId()))
{
- return true;
+ //ok we've found the correlating signedElementSecurityEvent. Now we have
to find the Token that
+ //is covered by this signedElementSecurityEvent:
+ for (int j = 0; j < tokenSecurityEvents.size(); j++) {
+ TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent
= tokenSecurityEvents.get(j);
+ SecurityToken st = tokenSecurityEvent.getSecurityToken();
+ while (st.getKeyWrappingToken() != null) {
+ st = st.getKeyWrappingToken();
+ }
+ if (signedElementSecurityEvent.getXmlSecEvent() == st.getXMLSecEvent())
{
+ //...and we got the covered token
+ //next we have to see if the token is the same:
+ if (st.getId().equals(securityToken.getId())) { //NOPMD
+ return true;
+ }
+ }
+ }
}
}
}
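Review bot: The identity comparison `signedElementSecurityEvent.getXmlSecEvent() == st.getXMLSecEvent()` is the line that ties the signed element to the actual token element, and it passes vacuously if both getters return null. Whether either can be null is not visible in this hunk, but in that case the new check would fall back to the path and id comparisons that were already there. Guarding it and folding the nested `if` into one condition also removes the need for `//NOPMD`: `if (st.getXMLSecEvent() != null && signedElementSecurityEvent.getXmlSecEvent() == st.getXMLSecEvent() && st.getId().equals(securityToken.getId())) { return true; }`. A short comment that `==` is deliberate (the same parsed event object, not an equal-looking one) would help the next reader. The method starts in the previous hunk.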
@@ -216,9 +228,9 @@ public class TokenProtectionAssertionSta
List<SecurityToken> signedSupportingTokens = new LinkedList<SecurityToken>();
List<SignedElementSecurityEvent> signedElements = new LinkedList<SignedElementSecurityEvent>();
- Iterator<TokenSecurityEvent<? extends SecurityToken>> tokenSecurityEventIterator
= tokenSecurityEvents.iterator();
- while (tokenSecurityEventIterator.hasNext()) {
- TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEventIterator.next();
+
+ for (int i = 0; i < tokenSecurityEvents.size(); i++) {
+ TokenSecurityEvent<? extends SecurityToken> tokenSecurityEvent = tokenSecurityEvents.get(i);
SecurityToken supportingToken = tokenSecurityEvent.getSecurityToken();
if (isSignedSupportingToken(supportingToken)) {
if (signedSupportingTokens.contains(supportingToken)) {
@@ -228,9 +240,8 @@ public class TokenProtectionAssertionSta
List<QName> elementPath = supportingToken.getElementPath();
boolean found = false;
- Iterator<SignedElementSecurityEvent> signedElementSecurityEventIterator
= signedElementEvents.iterator();
- while (signedElementSecurityEventIterator.hasNext()) {
- SignedElementSecurityEvent signedElementSecurityEvent = signedElementSecurityEventIterator.next();
+ for (int j = 0; j < signedElementEvents.size(); j++) {
+ SignedElementSecurityEvent signedElementSecurityEvent = signedElementEvents.get(j);
if (WSSUtils.pathMatches(signedElementSecurityEvent.getElementPath(),
elementPath, false, false)) {
SecurityToken elementSignatureToken = signedElementSecurityEvent.getSecurityToken();
while (elementSignatureToken != null && elementSignatureToken.getKeyWrappingToken()
!= null) {