ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1526479 [1/3] - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/wss4j/common/ ws-security-dom/src/main/java/org/apache/wss4j/dom/ ws-security-dom/src/main/java/org/apache/wss4j/dom/action/ ws-security-dom/src/main/...
Date Thu, 26 Sep 2013 13:21:21 GMT
Author: coheigea
Date: Thu Sep 26 13:21:19 2013
New Revision: 1526479

URL: http://svn.apache.org/r1526479
Log:
Refactor of WSHandler "Action" configuration to allow per-Action configuration of keys/certificates/etc.

Added:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java
      - copied, changed from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java
      - copied, changed from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java
Removed:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java
Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/WSHandler.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecBase.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKEncrypt.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecDKSign.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignature.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/saml/WSSecSignatureSAML.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomAction.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/CustomHandler.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CallbackRefTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/CustomActionProcessorTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureConfirmationTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/SignatureUTAliasTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/UseReqSigCertTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/handler/WSHandlerGetPasswordTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptedDataInHeaderTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionCRLTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ModifiedRequestTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordEncryptorTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/PasswordTypeTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/ReplayTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/RequireSignedEncryptedDataElementsTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/STRSignatureTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureAlgorithmSuiteTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureCertTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureEncryptionTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignaturePartsTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignedBSTTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SymmetricSignatureTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UTSignatureTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/UsernameTokenTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/token/BSTKerberosTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/processor/EncryptedKeyDataRefTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/processor/ReferenceListDataRefTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlReferenceTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenDerivedTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenSVTest.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/AbstractTestBase.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/EncDecryptionTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/SignatureCRLTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/SignatureCertConstaintsTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SAMLTokenReferenceTest.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/wss4j/stax/test/saml/SamlTokenDerivedTest.java

Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/EncryptionActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+
+/**
+ * This class encapsulates configuration for Encryption Actions.
+ */
+public class EncryptionActionToken extends SignatureEncryptionActionToken {  
+
+    private boolean encSymmetricEncryptionKey = true;
+    private String mgfAlgorithm;
+    private String symmetricAlgorithm;
+    private String keyTransportAlgorithm;
+    
+    public boolean isEncSymmetricEncryptionKey() {
+        return encSymmetricEncryptionKey;
+    }
+    public void setEncSymmetricEncryptionKey(boolean encSymmetricEncryptionKey) {
+        this.encSymmetricEncryptionKey = encSymmetricEncryptionKey;
+    }
+    public String getMgfAlgorithm() {
+        return mgfAlgorithm;
+    }
+    public void setMgfAlgorithm(String mgfAlgorithm) {
+        this.mgfAlgorithm = mgfAlgorithm;
+    }
+    public String getSymmetricAlgorithm() {
+        return symmetricAlgorithm;
+    }
+    public void setSymmetricAlgorithm(String symmetricAlgorithm) {
+        this.symmetricAlgorithm = symmetricAlgorithm;
+    }
+    public String getKeyTransportAlgorithm() {
+        return keyTransportAlgorithm;
+    }
+    public void setKeyTransportAlgorithm(String keyTransportAlgorithm) {
+        this.keyTransportAlgorithm = keyTransportAlgorithm;
+    }
+ 
+}
+

Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java (from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java&r1=1525860&r2=1526479&rev=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SecurityActionToken.java Thu Sep 26 13:21:19 2013
@@ -16,24 +16,30 @@
  * specific language governing permissions and limitations
  * under the License.
  */
+package org.apache.wss4j.common;
 
-package org.apache.wss4j.dom.action;
+import java.security.Key;
+import java.security.cert.X509Certificate;
 
-import org.w3c.dom.Document;
+import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.handler.WSHandler;
+
 
 /**
- * Interface for all actions
+ * This interface encapsulates configuration for Actions. This allows a user to use specific keys
+ * for different actions, rather than to use the generic keys etc. configured on the request.
  */
-public interface Action {
+public interface SecurityActionToken {  
+
+    String getUser();
+    
+    Key getKey();
     
-    void execute(
-        WSHandler handler, 
-        int actionToDo, 
-        Document doc,
-        RequestData reqData
-    ) throws WSSecurityException;
+    X509Certificate getCertificate();
+    
+    Crypto getCrypto() throws WSSecurityException;
+    
+    String getCryptoProperties();
     
 }
+

Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+
+/**
+ * This class encapsulates configuration for Signature Actions.
+ */
+public class SignatureActionToken extends SignatureEncryptionActionToken {  
+
+    private String c14nAlgorithm;
+    private boolean includeSignatureToken = true;
+    private boolean useSingleCert = true;
+    private String signatureAlgorithm;
+    
+    public String getC14nAlgorithm() {
+        return c14nAlgorithm;
+    }
+    public void setC14nAlgorithm(String c14nAlgorithm) {
+        this.c14nAlgorithm = c14nAlgorithm;
+    }
+    public boolean isIncludeSignatureToken() {
+        return includeSignatureToken;
+    }
+    public void setIncludeSignatureToken(boolean includeSignatureToken) {
+        this.includeSignatureToken = includeSignatureToken;
+    }
+    public boolean isUseSingleCert() {
+        return useSingleCert;
+    }
+    public void setUseSingleCert(boolean useSingleCert) {
+        this.useSingleCert = useSingleCert;
+    }
+    public String getSignatureAlgorithm() {
+        return signatureAlgorithm;
+    }
+    public void setSignatureAlgorithm(String signatureAlgorithm) {
+        this.signatureAlgorithm = signatureAlgorithm;
+    }
+ 
+}
+

Added: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java (added)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/SignatureEncryptionActionToken.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,137 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.wss4j.common;
+
+import java.security.Key;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.crypto.CryptoFactory;
+import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.common.util.Loader;
+import org.w3c.dom.Element;
+
+/**
+ * This abstract class encapsulates configuration for Signature + Encryption Actions.
+ */
+public abstract class SignatureEncryptionActionToken implements SecurityActionToken {
+    
+    private static final org.slf4j.Logger LOG = 
+        org.slf4j.LoggerFactory.getLogger(SignatureEncryptionActionToken.class);
+
+    private X509Certificate certificate;
+    private Key key;
+    private String user;
+    private Element keyInfoElement;
+    private Crypto crypto;
+    private String keyIdentifier;
+    private int keyIdentifierId;
+    private String digestAlgorithm;
+    private List<WSEncryptionPart> parts = new ArrayList<WSEncryptionPart>();
+    private String optionalParts;
+    private String cryptoProperties;
+    
+    public X509Certificate getCertificate() {
+        return certificate;
+    }
+    public void setCertificate(X509Certificate certificate) {
+        this.certificate = certificate;
+    }
+    public Key getKey() {
+        return key;
+    }
+    public void setKey(Key key) {
+        this.key = key;
+    }
+    public Element getKeyInfoElement() {
+        return keyInfoElement;
+    }
+    public void setKeyInfoElement(Element keyInfoElement) {
+        this.keyInfoElement = keyInfoElement;
+    }
+    public String getUser() {
+        return user;
+    }
+    public void setUser(String user) {
+        this.user = user;
+    }
+    
+    public synchronized Crypto getCrypto() throws WSSecurityException {
+        if (crypto != null) {
+            return crypto;
+        }
+        if (cryptoProperties != null) {
+            ClassLoader classLoader = null;
+            try {
+                classLoader = Loader.getTCL();
+            } catch (Exception ex) {
+                // Ignore
+                LOG.debug(ex.getMessage(), ex);
+            }
+            Properties properties = CryptoFactory.getProperties(cryptoProperties, classLoader);
+            crypto = 
+                CryptoFactory.getInstance(properties, classLoader, null);
+        }
+        return crypto;
+    }
+    
+    public void setCrypto(Crypto crypto) {
+        this.crypto = crypto;
+    }
+    public String getKeyIdentifier() {
+        return keyIdentifier;
+    }
+    public void setKeyIdentifier(String keyIdentifier) {
+        this.keyIdentifier = keyIdentifier;
+    }
+    public String getDigestAlgorithm() {
+        return digestAlgorithm;
+    }
+    public void setDigestAlgorithm(String digestAlgorithm) {
+        this.digestAlgorithm = digestAlgorithm;
+    }
+    public String getOptionalParts() {
+        return optionalParts;
+    }
+    public void setOptionalParts(String optionalParts) {
+        this.optionalParts = optionalParts;
+    }
+    public int getKeyIdentifierId() {
+        return keyIdentifierId;
+    }
+    public void setKeyIdentifierId(int keyIdentifierId) {
+        this.keyIdentifierId = keyIdentifierId;
+    }
+    public List<WSEncryptionPart> getParts() {
+        return parts;
+    }
+    public void setParts(List<WSEncryptionPart> parts) {
+        this.parts = parts;
+    }
+    public String getCryptoProperties() {
+        return cryptoProperties;
+    }
+    public void setCryptoProperties(String cryptoProperties) {
+        this.cryptoProperties = cryptoProperties;
+    }
+}
+

Copied: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java (from r1525860, webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java)
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java?p2=webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java&p1=webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java&r1=1525860&r2=1526479&rev=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/WSEncryptionPart.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/WSEncryptionPart.java Thu Sep 26 13:21:19 2013
@@ -17,7 +17,7 @@
  * under the License.
  */
 
-package org.apache.wss4j.dom;
+package org.apache.wss4j.common;
 
 import org.w3c.dom.Element;
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/Action.java Thu Sep 26 13:21:19 2013
@@ -20,6 +20,7 @@
 package org.apache.wss4j.dom.action;
 
 import org.w3c.dom.Document;
+import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
@@ -31,7 +32,7 @@ public interface Action {
     
     void execute(
         WSHandler handler, 
-        int actionToDo, 
+        SecurityActionToken actionToken,
         Document doc,
         RequestData reqData
     ) throws WSSecurityException;

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/EncryptionAction.java Thu Sep 26 13:21:19 2013
@@ -24,6 +24,8 @@ import java.security.cert.X509Certificat
 import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.common.EncryptionActionToken;
+import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoType;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
@@ -35,14 +37,23 @@ import org.apache.wss4j.dom.message.WSSe
 import org.w3c.dom.Document;
 
 public class EncryptionAction implements Action {
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         WSSecEncrypt wsEncrypt = new WSSecEncrypt(reqData.getWssConfig());
 
-        if (reqData.getEncKeyId() != 0) {
-            wsEncrypt.setKeyIdentifierType(reqData.getEncKeyId());
+        EncryptionActionToken encryptionToken = null;
+        if (actionToken instanceof EncryptionActionToken) {
+            encryptionToken = (EncryptionActionToken)actionToken;
         }
-        if (reqData.getEncKeyId() == WSConstants.EMBEDDED_KEYNAME) {
+        if (encryptionToken == null) {
+            encryptionToken = reqData.getEncryptionToken();
+        }
+        
+        if (encryptionToken.getKeyIdentifierId() != 0) {
+            wsEncrypt.setKeyIdentifierType(encryptionToken.getKeyIdentifierId());
+        }
+        if (encryptionToken.getKeyIdentifierId() == WSConstants.EMBEDDED_KEYNAME) {
             String encKeyName = handler.getString(WSHandlerConstants.ENC_KEY_NAME,
                     reqData.getMsgContext());
             wsEncrypt.setEmbeddedKeyName(encKeyName);
@@ -53,50 +64,50 @@ public class EncryptionAction implements
                     reqData
                 );
             WSPasswordCallback passwordCallback = 
-                handler.getPasswordCB(reqData.getEncUser(), actionToDo, callbackHandler, reqData);
+                handler.getPasswordCB(encryptionToken.getUser(), WSConstants.ENCR, callbackHandler, reqData);
             byte[] embeddedKey = passwordCallback.getKey();
             wsEncrypt.setKey(embeddedKey);
             wsEncrypt.setDocument(doc);
         }
-        if (reqData.getEncSymmAlgo() != null) {
-            wsEncrypt.setSymmetricEncAlgorithm(reqData.getEncSymmAlgo());
+        if (encryptionToken.getSymmetricAlgorithm() != null) {
+            wsEncrypt.setSymmetricEncAlgorithm(encryptionToken.getSymmetricAlgorithm());
         }
-        if (reqData.getEncKeyTransport() != null) {
-            wsEncrypt.setKeyEnc(reqData.getEncKeyTransport());
+        if (encryptionToken.getKeyTransportAlgorithm() != null) {
+            wsEncrypt.setKeyEnc(encryptionToken.getKeyTransportAlgorithm());
         }
-        if (reqData.getEncDigestAlgorithm() != null) {
-            wsEncrypt.setDigestAlgorithm(reqData.getEncDigestAlgorithm());
+        if (encryptionToken.getDigestAlgorithm() != null) {
+            wsEncrypt.setDigestAlgorithm(encryptionToken.getDigestAlgorithm());
         }
 
-        if (reqData.getEncMGFAlgorithm() != null) {
-            wsEncrypt.setMGFAlgorithm(reqData.getEncMGFAlgorithm());
+        if (encryptionToken.getMgfAlgorithm() != null) {
+            wsEncrypt.setMGFAlgorithm(encryptionToken.getMgfAlgorithm());
         }
         
-        wsEncrypt.setUserInfo(reqData.getEncUser());
-        wsEncrypt.setUseThisCert(reqData.getEncCert());
-        Crypto crypto = reqData.getEncCrypto();
+        wsEncrypt.setUserInfo(encryptionToken.getUser());
+        wsEncrypt.setUseThisCert(encryptionToken.getCertificate());
+        Crypto crypto = encryptionToken.getCrypto();
         boolean enableRevocation = Boolean.valueOf(handler.getStringOption(WSHandlerConstants.ENABLE_REVOCATION));
         if (enableRevocation && crypto != null) {
             CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
-            cryptoType.setAlias(reqData.getEncUser());
+            cryptoType.setAlias(encryptionToken.getUser());
             X509Certificate[] certs = crypto.getX509Certificates(cryptoType);
             if (certs != null && certs.length > 0) {
                 crypto.verifyTrust(certs, enableRevocation);
             }
         }
-        if (reqData.getEncryptParts().size() > 0) {
-            wsEncrypt.setParts(reqData.getEncryptParts());
+        if (encryptionToken.getParts().size() > 0) {
+            wsEncrypt.setParts(encryptionToken.getParts());
         }
-        if (!reqData.getEncryptSymmetricEncryptionKey()) {
+        if (!encryptionToken.isEncSymmetricEncryptionKey()) {
             CallbackHandler callbackHandler = 
                 handler.getPasswordCallbackHandler(reqData);
             WSPasswordCallback passwordCallback = 
-                handler.getPasswordCB(reqData.getEncUser(), actionToDo, callbackHandler, reqData);
+                handler.getPasswordCB(encryptionToken.getUser(), WSConstants.ENCR, callbackHandler, reqData);
             wsEncrypt.setEphemeralKey(passwordCallback.getKey());
-            wsEncrypt.setEncryptSymmKey(reqData.getEncryptSymmetricEncryptionKey());
+            wsEncrypt.setEncryptSymmKey(encryptionToken.isEncSymmetricEncryptionKey());
         }
         try {
-            wsEncrypt.build(doc, reqData.getEncCrypto(), reqData.getSecHeader());
+            wsEncrypt.build(doc, encryptionToken.getCrypto(), reqData.getSecHeader());
         } catch (WSSecurityException e) {
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "empty", e, "Error during encryption: ");
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenSignedAction.java Thu Sep 26 13:21:19 2013
@@ -21,17 +21,19 @@ package org.apache.wss4j.dom.action;
 
 import javax.security.auth.callback.CallbackHandler;
 
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.SAMLUtil;
+import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
 import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.saml.WSSecSignatureSAML;
-
 import org.w3c.dom.Document;
 
 public class SAMLTokenSignedAction implements Action {
@@ -39,7 +41,8 @@ public class SAMLTokenSignedAction imple
     private static org.slf4j.Logger log = 
         org.slf4j.LoggerFactory.getLogger(SAMLTokenSignedAction.class);
 
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         Crypto crypto = null;
         /*
@@ -92,20 +95,28 @@ public class SAMLTokenSignedAction imple
         CallbackHandler callbackHandler = 
             handler.getPasswordCallbackHandler(reqData);
         WSPasswordCallback passwordCallback = 
-            handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+            handler.getPasswordCB(reqData.getUsername(), WSConstants.ST_SIGNED, callbackHandler, reqData);
         wsSign.setUserInfo(reqData.getUsername(), passwordCallback.getPassword());
         
-        if (reqData.getSigKeyId() != 0) {
-            wsSign.setKeyIdentifierType(reqData.getSigKeyId());
+        SignatureActionToken signatureToken = null;
+        if (actionToken instanceof SignatureActionToken) {
+            signatureToken = (SignatureActionToken)actionToken;
+        }
+        if (signatureToken == null) {
+            signatureToken = reqData.getSignatureToken();
+        }
+        
+        if (signatureToken.getKeyIdentifierId() != 0) {
+            wsSign.setKeyIdentifierType(signatureToken.getKeyIdentifierId());
         }
-        if (reqData.getSigAlgorithm() != null) {
-            wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+        if (signatureToken.getSignatureAlgorithm() != null) {
+            wsSign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
         }
-        if (reqData.getSigDigestAlgorithm() != null) {
-            wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+        if (signatureToken.getDigestAlgorithm() != null) {
+            wsSign.setDigestAlgo(signatureToken.getDigestAlgorithm());
         }
-        if (reqData.getSignatureC14nAlgorithm() != null) {
-            wsSign.setSigCanonicalization(reqData.getSignatureC14nAlgorithm());
+        if (signatureToken.getC14nAlgorithm() != null) {
+            wsSign.setSigCanonicalization(signatureToken.getC14nAlgorithm());
         }
 
          /*
@@ -114,8 +125,8 @@ public class SAMLTokenSignedAction imple
          * If not set WSSecSignatureSAML
          * defaults to only sign the body.
          */
-        if (reqData.getSignatureParts().size() > 0) {
-            wsSign.setParts(reqData.getSignatureParts());
+        if (signatureToken.getParts().size() > 0) {
+            wsSign.setParts(signatureToken.getParts());
         }
 
         try {

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SAMLTokenUnsignedAction.java Thu Sep 26 13:21:19 2013
@@ -21,6 +21,7 @@ package org.apache.wss4j.dom.action;
 
 import javax.security.auth.callback.CallbackHandler;
 
+import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.common.saml.SAMLCallback;
@@ -33,7 +34,8 @@ import org.w3c.dom.Document;
 
 public class SAMLTokenUnsignedAction implements Action {
 
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         WSSecSAMLToken builder = new WSSecSAMLToken(reqData.getWssConfig());
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureAction.java Thu Sep 26 13:21:19 2013
@@ -23,10 +23,12 @@ import java.util.List;
 
 import javax.security.auth.callback.CallbackHandler;
 
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
 import org.apache.wss4j.dom.message.WSSecSignature;
@@ -35,35 +37,45 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 
 public class SignatureAction implements Action {
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         CallbackHandler callbackHandler = reqData.getCallbackHandler();
         if (callbackHandler == null) {
             callbackHandler = handler.getPasswordCallbackHandler(reqData);
         }
+        
+        SignatureActionToken signatureToken = null;
+        if (actionToken instanceof SignatureActionToken) {
+            signatureToken = (SignatureActionToken)actionToken;
+        }
+        if (signatureToken == null) {
+            signatureToken = reqData.getSignatureToken();
+        }
+        
         WSPasswordCallback passwordCallback = 
-            handler.getPasswordCB(reqData.getSignatureUser(), actionToDo, callbackHandler, reqData);
+            handler.getPasswordCB(signatureToken.getUser(), WSConstants.SIGN, callbackHandler, reqData);
         WSSecSignature wsSign = new WSSecSignature(reqData.getWssConfig());
 
-        if (reqData.getSigKeyId() != 0) {
-            wsSign.setKeyIdentifierType(reqData.getSigKeyId());
+        if (signatureToken.getKeyIdentifierId() != 0) {
+            wsSign.setKeyIdentifierType(signatureToken.getKeyIdentifierId());
         }
-        if (reqData.getSigAlgorithm() != null) {
-            wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+        if (signatureToken.getSignatureAlgorithm() != null) {
+            wsSign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
         }
-        if (reqData.getSigDigestAlgorithm() != null) {
-            wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+        if (signatureToken.getDigestAlgorithm() != null) {
+            wsSign.setDigestAlgo(signatureToken.getDigestAlgorithm());
         }
-        if (reqData.getSignatureC14nAlgorithm() != null) {
-            wsSign.setSigCanonicalization(reqData.getSignatureC14nAlgorithm());
+        if (signatureToken.getC14nAlgorithm() != null) {
+            wsSign.setSigCanonicalization(signatureToken.getC14nAlgorithm());
         }
         
-        wsSign.setIncludeSignatureToken(reqData.isIncludeSignatureToken());
+        wsSign.setIncludeSignatureToken(signatureToken.isIncludeSignatureToken());
 
-        wsSign.setUserInfo(reqData.getSignatureUser(), passwordCallback.getPassword());
-        wsSign.setUseSingleCertificate(reqData.isUseSingleCert());
-        if (reqData.getSignatureParts().size() > 0) {
-            wsSign.setParts(reqData.getSignatureParts());
+        wsSign.setUserInfo(signatureToken.getUser(), passwordCallback.getPassword());
+        wsSign.setUseSingleCertificate(signatureToken.isUseSingleCert());
+        if (signatureToken.getParts().size() > 0) {
+            wsSign.setParts(signatureToken.getParts());
         }
         
         if (passwordCallback.getKey() != null) {
@@ -71,11 +83,11 @@ public class SignatureAction implements 
         }
 
         try {
-            wsSign.prepare(doc, reqData.getSigCrypto(), reqData.getSecHeader());
+            wsSign.prepare(doc, signatureToken.getCrypto(), reqData.getSecHeader());
 
             Element siblingElementToPrepend = null;
             boolean signBST = false;
-            for (WSEncryptionPart part : reqData.getSignatureParts()) {
+            for (WSEncryptionPart part : signatureToken.getParts()) {
                 if ("STRTransform".equals(part.getName()) && part.getId() == null) {
                     part.setId(wsSign.getSecurityTokenReferenceURI());
                 } else if (reqData.isAppendSignatureAfterTimestamp()
@@ -108,7 +120,7 @@ public class SignatureAction implements 
                 wsSign.prependBSTElementToHeader(reqData.getSecHeader());
             }
             List<javax.xml.crypto.dsig.Reference> referenceList =
-                wsSign.addReferencesToSign(reqData.getSignatureParts(), reqData.getSecHeader());
+                wsSign.addReferencesToSign(signatureToken.getParts(), reqData.getSecHeader());
 
             if (signBST || 
                 reqData.isAppendSignatureAfterTimestamp() && siblingElementToPrepend == null) {

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/SignatureConfirmationAction.java Thu Sep 26 13:21:19 2013
@@ -20,8 +20,10 @@
 package org.apache.wss4j.dom.action;
 
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
 import org.apache.wss4j.dom.WSSecurityEngineResult;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
@@ -39,7 +41,8 @@ public class SignatureConfirmationAction
         org.slf4j.LoggerFactory.getLogger(SignatureConfirmationAction.class);
 
     @SuppressWarnings("unchecked")
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         if (log.isDebugEnabled()) {
             log.debug("Perform Signature confirmation");
@@ -72,7 +75,11 @@ public class SignatureConfirmationAction
         // prepare a SignatureConfirmation token
         //
         WSSecSignatureConfirmation wsc = new WSSecSignatureConfirmation(reqData.getWssConfig());
-        List<WSEncryptionPart> signatureParts = reqData.getSignatureParts();
+        SignatureActionToken signatureToken = (SignatureActionToken)actionToken;
+        if (signatureToken == null) {
+            signatureToken = reqData.getSignatureToken();
+        }
+        List<WSEncryptionPart> signatureParts = signatureToken.getParts();
         if (signatureActions.size() > 0) {
             if (log.isDebugEnabled()) {
                 log.debug("Signature Confirmation: number of Signature results: "

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/TimestampAction.java Thu Sep 26 13:21:19 2013
@@ -19,6 +19,7 @@
 
 package org.apache.wss4j.dom.action;
 
+import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
@@ -27,7 +28,8 @@ import org.w3c.dom.Document;
 
 public class TimestampAction implements Action {
     
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
         throws WSSecurityException {
         //
         // add the Timestamp to the SOAP Envelope

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenAction.java Thu Sep 26 13:21:19 2013
@@ -21,8 +21,10 @@ package org.apache.wss4j.dom.action;
 
 import javax.security.auth.callback.CallbackHandler;
 
+import org.apache.wss4j.common.SecurityActionToken;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.handler.RequestData;
 import org.apache.wss4j.dom.handler.WSHandler;
 import org.apache.wss4j.dom.message.WSSecUsernameToken;
@@ -30,7 +32,8 @@ import org.w3c.dom.Document;
 
 public class UsernameTokenAction implements Action {
     
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
         throws WSSecurityException {
         String username = reqData.getUsername();
         String password = null;
@@ -38,7 +41,7 @@ public class UsernameTokenAction impleme
             CallbackHandler callbackHandler = 
                 handler.getPasswordCallbackHandler(reqData);
             WSPasswordCallback passwordCallback = 
-                handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+                handler.getPasswordCB(reqData.getUsername(), WSConstants.UT, callbackHandler, reqData);
             username = passwordCallback.getIdentifier();
             password = passwordCallback.getPassword();
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/action/UsernameTokenSignedAction.java Thu Sep 26 13:21:19 2013
@@ -26,7 +26,9 @@ import javax.security.auth.callback.Call
 
 import org.apache.wss4j.dom.SOAPConstants;
 import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
+import org.apache.wss4j.common.SecurityActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
+import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.handler.RequestData;
@@ -44,14 +46,15 @@ import org.w3c.dom.Document;
  */
 
 public class UsernameTokenSignedAction implements Action {
-    public void execute(WSHandler handler, int actionToDo, Document doc, RequestData reqData)
+    public void execute(WSHandler handler, SecurityActionToken actionToken,
+                        Document doc, RequestData reqData)
             throws WSSecurityException {
         CallbackHandler callbackHandler = reqData.getCallbackHandler();
         if (callbackHandler == null) {
             callbackHandler = handler.getPasswordCallbackHandler(reqData);
         }
         WSPasswordCallback passwordCallback = 
-            handler.getPasswordCB(reqData.getUsername(), actionToDo, callbackHandler, reqData);
+            handler.getPasswordCB(reqData.getUsername(), WSConstants.UT_SIGN, callbackHandler, reqData);
 
         WSSecUsernameToken builder = new WSSecUsernameToken(reqData.getWssConfig());
         
@@ -80,17 +83,25 @@ public class UsernameTokenSignedAction i
         // after "prepare" the Signature XML element is ready and may prepend
         // this to the security header.
         
+        SignatureActionToken signatureToken = null;
+        if (actionToken instanceof SignatureActionToken) {
+            signatureToken = (SignatureActionToken)actionToken;
+        }
+        if (signatureToken == null) {
+            signatureToken = reqData.getSignatureToken();
+        }
+        
         WSSecSignature sign = new WSSecSignature(reqData.getWssConfig());
         sign.setCustomTokenValueType(WSConstants.USERNAMETOKEN_NS + "#UsernameToken");
         sign.setCustomTokenId(builder.getId());
         sign.setSecretKey(builder.getDerivedKey());
         sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
-        if (reqData.getSigDigestAlgorithm() != null) {
-            sign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+        if (signatureToken.getDigestAlgorithm() != null) {
+            sign.setDigestAlgo(signatureToken.getDigestAlgorithm());
         }
         
-        if (reqData.getSigAlgorithm() != null) {
-            sign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+        if (signatureToken.getSignatureAlgorithm() != null) {
+            sign.setSignatureAlgorithm(signatureToken.getSignatureAlgorithm());
         } else {
             sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);
         }
@@ -104,8 +115,8 @@ public class UsernameTokenSignedAction i
         // builder.prependToHeader(reqData.getSecHeader());
 
         List<WSEncryptionPart> parts = null;
-        if (reqData.getSignatureParts().size() > 0) {
-            parts = reqData.getSignatureParts();
+        if (signatureToken.getParts().size() > 0) {
+            parts = signatureToken.getParts();
         } else {
             SOAPConstants soapConstants = reqData.getSoapConstants();
             if (soapConstants == null) {

Added: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java?rev=1526479&view=auto
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java (added)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/HandlerAction.java Thu Sep 26 13:21:19 2013
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.wss4j.dom.handler;
+
+import org.apache.wss4j.common.SecurityActionToken;
+
+
+/**
+ * This class associates an "Action" Integer with a (optional) SecurityActionToken
+ */
+public class HandlerAction {
+    
+    private Integer action;
+    private SecurityActionToken actionToken;
+    
+    public HandlerAction() {
+        
+    }
+    
+    public HandlerAction(Integer action) {
+        this(action, null);
+    }
+    
+    public HandlerAction(Integer action, SecurityActionToken actionToken) {
+        this.action = action;
+        this.actionToken = actionToken;
+    }
+    
+    public Integer getAction() {
+        return action;
+    }
+    public void setAction(Integer action) {
+        this.action = action;
+    }
+    public SecurityActionToken getActionToken() {
+        return actionToken;
+    }
+    public void setActionToken(SecurityActionToken actionToken) {
+        this.actionToken = actionToken;
+    }
+}
\ No newline at end of file

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java?rev=1526479&r1=1526478&r2=1526479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/handler/RequestData.java Thu Sep 26 13:21:19 2013
@@ -20,7 +20,6 @@
 package org.apache.wss4j.dom.handler;
 
 import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -31,11 +30,8 @@ import java.util.regex.Pattern;
 import javax.security.auth.callback.CallbackHandler;
 import javax.xml.namespace.QName;
 
-import org.apache.wss4j.dom.SOAPConstants;
-import org.apache.wss4j.dom.WSConstants;
-import org.apache.wss4j.dom.WSEncryptionPart;
-import org.apache.wss4j.dom.WSSConfig;
-import org.apache.wss4j.dom.bsp.BSPEnforcer;
+import org.apache.wss4j.common.EncryptionActionToken;
+import org.apache.wss4j.common.SignatureActionToken;
 import org.apache.wss4j.common.bsp.BSPRule;
 import org.apache.wss4j.common.cache.ReplayCache;
 import org.apache.wss4j.common.cache.ReplayCacheFactory;
@@ -43,6 +39,10 @@ import org.apache.wss4j.common.crypto.Al
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.PasswordEncryptor;
 import org.apache.wss4j.common.ext.WSSecurityException;
+import org.apache.wss4j.dom.SOAPConstants;
+import org.apache.wss4j.dom.WSConstants;
+import org.apache.wss4j.dom.WSSConfig;
+import org.apache.wss4j.dom.bsp.BSPEnforcer;
 import org.apache.wss4j.dom.message.WSSecHeader;
 import org.apache.wss4j.dom.message.token.UsernameToken;
 import org.apache.wss4j.dom.util.WSSecurityUtil;
@@ -55,37 +55,20 @@ import org.apache.xml.security.utils.Bas
 public class RequestData {
     
     private Object msgContext;
-    private boolean noSerialization ;
     private SOAPConstants soapConstants ;
     private String actor;
     private String username ;
     private String pwType = WSConstants.PASSWORD_DIGEST; // Make this the default when no password type is given.
-    private Crypto sigCrypto;
     private Crypto sigVerCrypto;
-    private Crypto encCrypto;
     private Crypto decCrypto;
-    private int sigKeyId;
-    private String sigAlgorithm;
-    private String signatureDigestAlgorithm;
-    private String signatureC14nAlgorithm;
-    private String encryptionDigestAlgorithm;
-    private String encryptionMGFAlgorithm;
-    private List<WSEncryptionPart> signatureParts = new ArrayList<WSEncryptionPart>();
-    private int encKeyId;
-    private String encSymmAlgo;
-    private String encKeyTransport;
-    private String encUser;
-    private String signatureUser ;
-    private List<WSEncryptionPart> encryptParts = new ArrayList<WSEncryptionPart>();
-    private X509Certificate encCert;
+    private SignatureActionToken signatureToken;
+    private EncryptionActionToken encryptionToken;
     private int timeToLive = 300;   // Timestamp: time in seconds between creation and expiry
     private WSSConfig wssConfig;
     private List<byte[]> signatureValues = new ArrayList<byte[]>();
     private WSSecHeader secHeader;
-    private boolean encSymmetricEncryptionKey = true;
     private int derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
     private boolean useDerivedKeyForMAC = true;
-    private boolean useSingleCert = true;
     private CallbackHandler callback;
     private boolean enableRevocation;
     protected boolean requireSignedEncryptedDataElements;
@@ -103,7 +86,6 @@ public class RequestData {
     private boolean addUsernameTokenNonce;
     private boolean addUsernameTokenCreated;
     private Certificate[] tlsCerts;
-    private boolean includeSignatureToken;
     private boolean enableTimestampReplayCache = true;
     private boolean enableNonceReplayCache = true;
     private boolean enableSamlOneTimeUseReplayCache = true;
@@ -111,21 +93,14 @@ public class RequestData {
 
     public void clear() {
         soapConstants = null;
-        actor = username = pwType = sigAlgorithm = encSymmAlgo = encKeyTransport = encUser = null;
-        sigCrypto = decCrypto = encCrypto = sigVerCrypto = null;
-        signatureParts.clear();
-        encryptParts.clear();
-        encCert = null;
+        actor = username = pwType = null;
+        decCrypto = sigVerCrypto = null;
+        signatureToken = null;
+        encryptionToken = null;
         wssConfig = null;
         signatureValues.clear();
-        signatureDigestAlgorithm = null;
-        signatureC14nAlgorithm = null;
-        encryptionDigestAlgorithm = null;
-        encSymmetricEncryptionKey = true;
-        signatureUser = null;
         derivedKeyIterations = UsernameToken.DEFAULT_ITERATION;
         useDerivedKeyForMAC = true;
-        useSingleCert = true;
         callback = null;
         enableRevocation = false;
         timestampReplayCache = null;
@@ -142,17 +117,12 @@ public class RequestData {
         setAddUsernameTokenNonce(false);
         setAddUsernameTokenCreated(false);
         setTlsCerts(null);
-        includeSignatureToken = false;
         enableTimestampReplayCache = true;
         enableNonceReplayCache = true;
         setEnableSamlOneTimeUseReplayCache(true);
         passwordEncryptor = null;
     }
 
-    public String getSignatureC14nAlgorithm() {
-        return signatureC14nAlgorithm;
-    }
-
     public boolean isEnableTimestampReplayCache() {
         return enableTimestampReplayCache;
     }
@@ -169,10 +139,6 @@ public class RequestData {
         this.enableNonceReplayCache = enableNonceReplayCache;
     }
 
-    public void setSignatureC14nAlgorithm(String signatureC14nAlgorithm) {
-        this.signatureC14nAlgorithm = signatureC14nAlgorithm;
-    }
-
     public Object getMsgContext() {
         return msgContext;
     }
@@ -181,14 +147,6 @@ public class RequestData {
         this.msgContext = msgContext;
     }
 
-    public boolean isNoSerialization() {
-        return noSerialization;
-    }
-
-    public void setNoSerialization(boolean noSerialization) {
-        this.noSerialization = noSerialization;
-    }
-
     public SOAPConstants getSoapConstants() {
         return soapConstants;
     }
@@ -213,14 +171,6 @@ public class RequestData {
         this.username = username;
     }
     
-    public void setEncryptSymmetricEncryptionKey(boolean encrypt) {
-        encSymmetricEncryptionKey = encrypt;
-    }
-    
-    public boolean getEncryptSymmetricEncryptionKey() {
-        return encSymmetricEncryptionKey;
-    }
-
     public String getPwType() {
         return pwType;
     }
@@ -229,14 +179,6 @@ public class RequestData {
         this.pwType = pwType;
     }
 
-    public Crypto getSigCrypto() {
-        return sigCrypto;
-    }
-
-    public void setSigCrypto(Crypto sigCrypto) {
-        this.sigCrypto = sigCrypto;
-    }
-    
     public Crypto getSigVerCrypto() {
         return sigVerCrypto;
     }
@@ -253,110 +195,6 @@ public class RequestData {
         this.decCrypto = decCrypto;
     }
 
-    public int getSigKeyId() {
-        return sigKeyId;
-    }
-
-    public void setSigKeyId(int sigKeyId) {
-        this.sigKeyId = sigKeyId;
-    }
-
-    public String getSigAlgorithm() {
-        return sigAlgorithm;
-    }
-
-    public void setSigAlgorithm(String sigAlgorithm) {
-        this.sigAlgorithm = sigAlgorithm;
-    }
-    
-    public String getSigDigestAlgorithm() {
-        return signatureDigestAlgorithm;
-    }
-
-    public void setSigDigestAlgorithm(String sigDigestAlgorithm) {
-        this.signatureDigestAlgorithm = sigDigestAlgorithm;
-    }
-    
-    public String getEncDigestAlgorithm() {
-        return encryptionDigestAlgorithm;
-    }
-
-    public void setEncDigestAlgorithm(String encDigestAlgorithm) {
-        this.encryptionDigestAlgorithm = encDigestAlgorithm;
-    }
-
-    public String getEncMGFAlgorithm() {
-        return encryptionMGFAlgorithm;
-    }
-
-    public void setEncMGFAlgorithm(String encMGFAlgorithm) {
-        this.encryptionMGFAlgorithm = encMGFAlgorithm;
-    }
-
-    public List<WSEncryptionPart> getSignatureParts() {
-        return signatureParts;
-    }
-    
-    public String getSignatureUser() {
-        return signatureUser;
-    }
-
-    public void setSignatureUser(String signatureUser) {
-        this.signatureUser = signatureUser;
-    }
-
-    public Crypto getEncCrypto() {
-        return encCrypto;
-    }
-
-    public void setEncCrypto(Crypto encCrypto) {
-        this.encCrypto = encCrypto;
-    }
-
-    public int getEncKeyId() {
-        return encKeyId;
-    }
-
-    public void setEncKeyId(int encKeyId) {
-        this.encKeyId = encKeyId;
-    }
-
-    public String getEncSymmAlgo() {
-        return encSymmAlgo;
-    }
-
-    public void setEncSymmAlgo(String encSymmAlgo) {
-        this.encSymmAlgo = encSymmAlgo;
-    }
-
-    public String getEncKeyTransport() {
-        return encKeyTransport;
-    }
-
-    public void setEncKeyTransport(String encKeyTransport) {
-        this.encKeyTransport = encKeyTransport;
-    }
-
-    public String getEncUser() {
-        return encUser;
-    }
-
-    public void setEncUser(String encUser) {
-        this.encUser = encUser;
-    }
-
-    public List<WSEncryptionPart> getEncryptParts() {
-        return encryptParts;
-    }
-
-    public X509Certificate getEncCert() {
-        return encCert;
-    }
-
-    public void setEncCert(X509Certificate encCert) {
-        this.encCert = encCert;
-    }
-
     public int getTimeToLive() {
         return timeToLive;
     }
@@ -433,24 +271,6 @@ public class RequestData {
     }
     
     /**
-     * Whether to use a single certificate or a whole certificate chain when
-     * constructing a BinarySecurityToken used for direct reference in Signature.
-     * @param useSingleCert true if only to use a single certificate
-     */
-    public void setUseSingleCert(boolean useSingleCert) {
-        this.useSingleCert = useSingleCert;
-    }
-    
-    /**
-     * Whether to use a single certificate or a whole certificate chain when
-     * constructing a BinarySecurityToken used for direct reference in Signature.
-     * @return whether to use a single certificate
-     */
-    public boolean isUseSingleCert() {
-        return useSingleCert;
-    }
-
-    /**
      * Set whether to enable CRL checking or not when verifying trust in a certificate.
      * @param enableRevocation whether to enable CRL checking 
      */
@@ -681,14 +501,6 @@ public class RequestData {
         this.tlsCerts = tlsCerts;
     }
 
-    public boolean isIncludeSignatureToken() {
-        return includeSignatureToken;
-    }
-
-    public void setIncludeSignatureToken(boolean includeSignatureToken) {
-        this.includeSignatureToken = includeSignatureToken;
-    }
-
     public PasswordEncryptor getPasswordEncryptor() {
         return passwordEncryptor;
     }
@@ -704,5 +516,21 @@ public class RequestData {
     public void setEnableSamlOneTimeUseReplayCache(boolean enableSamlOneTimeUseReplayCache) {
         this.enableSamlOneTimeUseReplayCache = enableSamlOneTimeUseReplayCache;
     }
+
+    public SignatureActionToken getSignatureToken() {
+        return signatureToken;
+    }
+
+    public void setSignatureToken(SignatureActionToken signatureToken) {
+        this.signatureToken = signatureToken;
+    }
+
+    public EncryptionActionToken getEncryptionToken() {
+        return encryptionToken;
+    }
+
+    public void setEncryptionToken(EncryptionActionToken encryptionToken) {
+        this.encryptionToken = encryptionToken;
+    }
         
 }



Mime
View raw message