ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1532331 - in /webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl: processor/input/SAMLTokenInputHandler.java securityToken/SamlSecurityTokenImpl.java
Date Tue, 15 Oct 2013 13:39:03 GMT
Author: coheigea
Date: Tue Oct 15 13:39:03 2013
New Revision: 1532331

URL: http://svn.apache.org/r1532331
Log:
[WSS-479] - "Inbound streaming does not handle Symmetric Holder-Of-Key correctly"

Modified:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1532331&r1=1532330&r2=1532331&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
Tue Oct 15 13:39:03 2013
@@ -410,7 +410,16 @@ public class SAMLTokenInputHandler exten
                 keyInfoType.getContent().add(securityTokenReferenceTypeJAXBElement);
             } else if (object instanceof EncryptedKeyType) {
                 EncryptedKeyType encryptedKeyType = (EncryptedKeyType) object;
-                keyInfoType = encryptedKeyType.getKeyInfo();
+                
+                WSSEncryptedKeyInputHandler encryptedKeyInputHandler = new WSSEncryptedKeyInputHandler();
+                encryptedKeyInputHandler.handle(inputProcessorChain, encryptedKeyType, xmlSecStartElement,
securityProperties);
+                
+                SecurityTokenProvider<? extends InboundSecurityToken> securityTokenProvider
=
+                    inputProcessorChain.getSecurityContext().getSecurityTokenProvider(encryptedKeyType.getId());
+                if (securityTokenProvider != null) {
+                    return securityTokenProvider.getSecurityToken();
+                }
+              
             } else if (object instanceof SecurityTokenReferenceType) {
                 JAXBElement<SecurityTokenReferenceType> securityTokenReferenceTypeJAXBElement
=
                         new ObjectFactory().createSecurityTokenReference((SecurityTokenReferenceType)
object);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java?rev=1532331&r1=1532330&r2=1532331&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/securityToken/SamlSecurityTokenImpl.java
Tue Oct 15 13:39:03 2013
@@ -127,12 +127,17 @@ public class SamlSecurityTokenImpl exten
 
     @Override
     protected Key getKey(String algorithmURI, XMLSecurityConstants.AlgorithmUsage algorithmUsage,
String correlationID) throws XMLSecurityException {
+        Key key = null;
         if (secret != null) {
-            return KeyUtils.prepareSecretKey(algorithmURI, secret);
+            key = KeyUtils.prepareSecretKey(algorithmURI, secret);
         } else if (this.subjectSecurityToken != null) {
-            return subjectSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID);
+            key = subjectSecurityToken.getSecretKey(algorithmURI, algorithmUsage, correlationID);
         } else if (subjectKeyInfo != null && subjectKeyInfo.getSecret() != null)
{
-            return KeyUtils.prepareSecretKey(algorithmURI, subjectKeyInfo.getSecret());
+            key = KeyUtils.prepareSecretKey(algorithmURI, subjectKeyInfo.getSecret());
+        }
+        if (key != null) {
+            super.setSecretKey(algorithmURI, key);
+            return key;
         }
         return super.getKey(algorithmURI, algorithmUsage, correlationID);
     }



Mime
View raw message