ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1812651 - in /webservices/wss4j/branches/2_1_x-fixes: ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ ws-security-common/src/main/java/org/apache/wss4j/common/util/ ws-security-dom/src/test/java/org/apache/wss4j/dom/message/
Date Thu, 19 Oct 2017 16:15:49 GMT
Author: coheigea
Date: Thu Oct 19 16:15:49 2017
New Revision: 1812651

URL: http://svn.apache.org/viewvc?rev=1812651&view=rev
Log:
WSS-540 - Need to load properties outside of classpath

Modified:
    webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoFactory.java
    webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
    webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/util/Loader.java
    webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java

Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoFactory.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoFactory.java?rev=1812651&r1=1812650&r2=1812651&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoFactory.java
(original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/CryptoFactory.java
Thu Oct 19 16:15:49 2017
@@ -20,8 +20,8 @@
 package org.apache.wss4j.common.crypto;
 
 import java.io.IOException;
+import java.io.InputStream;
 import java.lang.reflect.Constructor;
-import java.net.URL;
 import java.util.Map;
 import java.util.Properties;
 
@@ -284,15 +284,16 @@ public abstract class CryptoFactory {
     ) throws WSSecurityException {
         Properties properties = new Properties();
         try {
-            URL url = Loader.getResource(loader, propFilename);
-            if (url == null) {
+            InputStream is = Loader.loadInputStream(loader, propFilename);
+            if (is == null) {
                 throw new WSSecurityException(
                     WSSecurityException.ErrorCode.FAILURE,
                     "resourceNotFound",
                     new Object[] {propFilename}
                 );
             }
-            properties.load(url.openStream());
+            properties.load(is);
+            is.close();
         } catch (IOException e) {
             if (LOG.isDebugEnabled()) {
                 LOG.debug("Cannot find resource: " + propFilename, e);

Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java?rev=1812651&r1=1812650&r2=1812651&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
(original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java
Thu Oct 19 16:15:49 2017
@@ -22,7 +22,6 @@ package org.apache.wss4j.common.crypto;
 import java.io.IOException;
 import java.io.InputStream;
 import java.math.BigInteger;
-import java.net.MalformedURLException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.GeneralSecurityException;
@@ -366,40 +365,7 @@ public class Merlin extends CryptoBase {
      */
     public static InputStream loadInputStream(ClassLoader loader, String location)
         throws WSSecurityException, IOException {
-        InputStream is = null;
-        if (location != null) {
-            java.net.URL url = null;
-            // First see if it's a URL
-            try {
-                url = new java.net.URL(location);
-            } catch (MalformedURLException ex) { //NOPMD
-                // skip
-            }
-            // If not a URL, then try to load the resource
-            if (url == null) {
-                url = Loader.getResource(loader, location);
-            }
-            if (url != null) {
-                is = url.openStream();
-            }
-
-            //
-            // If we don't find it, then look on the file system.
-            //
-            if (is == null) {
-                try {
-                    is = Files.newInputStream(Paths.get(location));
-                } catch (Exception e) {
-                    if (DO_DEBUG) {
-                        LOG.debug(e.getMessage(), e);
-                    }
-                    throw new WSSecurityException(
-                            WSSecurityException.ErrorCode.FAILURE, e, "proxyNotFound", new
Object[] {location}
-                    );
-                }
-            }
-        }
-        return is;
+        return Loader.loadInputStream(loader, location);
     }
 
 

Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/util/Loader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/util/Loader.java?rev=1812651&r1=1812650&r2=1812651&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/util/Loader.java
(original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-common/src/main/java/org/apache/wss4j/common/util/Loader.java
Thu Oct 19 16:15:49 2017
@@ -22,10 +22,15 @@ package org.apache.wss4j.common.util;
 import java.io.IOException;
 import java.io.InputStream;
 import java.lang.reflect.InvocationTargetException;
+import java.net.MalformedURLException;
 import java.net.URL;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 
+import org.apache.wss4j.common.ext.WSSecurityException;
+
 /**
  * Load resources (or images) from various sources.
  * <p/>
@@ -34,6 +39,42 @@ public class Loader {
     private static final org.slf4j.Logger LOG =
             org.slf4j.LoggerFactory.getLogger(Loader.class);
 
+    public static InputStream loadInputStream(ClassLoader loader, String resource)
+        throws WSSecurityException, IOException {
+        InputStream is = null;
+        if (resource != null) {
+            URL url = null;
+            // First see if it's a URL
+            try {
+                url = new URL(resource);
+            } catch (MalformedURLException ex) { //NOPMD
+                // skip
+            }
+            // If not a URL, then try to load the resource
+            if (url == null) {
+                url = Loader.getResource(loader, resource);
+            }
+            if (url != null) {
+                is = url.openStream();
+            }
+
+            //
+            // If we don't find it, then look on the file system.
+            //
+            if (is == null) {
+                try {
+                    is = Files.newInputStream(Paths.get(resource));
+                } catch (Exception e) {
+                    LOG.debug(e.getMessage(), e);
+                    throw new WSSecurityException(
+                        WSSecurityException.ErrorCode.FAILURE, e, "resourceNotFound", new
Object[] {resource}
+                    );
+                }
+            }
+        }
+        return is;
+    }
+
     /**
      * This method will search for <code>resource</code> in different
      * places. The search order is as follows:

Modified: webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java?rev=1812651&r1=1812650&r2=1812651&view=diff
==============================================================================
--- webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
(original)
+++ webservices/wss4j/branches/2_1_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/SignatureTest.java
Thu Oct 19 16:15:49 2017
@@ -19,6 +19,7 @@
 
 package org.apache.wss4j.dom.message;
 
+import java.io.File;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -891,6 +892,53 @@ public class SignatureTest extends org.j
 
         WSSecurityEngine newSecEngine = new WSSecurityEngine();
         WSHandlerResult results =
+            newSecEngine.processSecurityHeader(doc, data);
+        assertTrue(handler.checkResults(results.getResults(),
+                                        Collections.singletonList(WSConstants.SIGN)));
+    }
+
+    // See WSS-540
+    @Test
+    public void testLoadSignaturePropertiesFromFileSystem() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        reqData.setUsername("16c73ab6-b892-458f-abf5-2f875f74882e");
+
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+
+        String basedir = System.getProperty("basedir");
+        if (basedir == null) {
+            basedir = new File(".").getCanonicalPath();
+        }
+        File propsFile = new File(basedir + "/src/test/resources/crypto.properties");
+
+        config.put(WSHandlerConstants.SIG_PROP_FILE, propsFile.getPath());
+        config.put("password", "security");
+        reqData.setMsgContext(config);
+
+        final Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        HandlerAction action = new HandlerAction(WSConstants.SIGN);
+        handler.send(
+            doc,
+            reqData,
+            Collections.singletonList(action),
+            true
+        );
+        String outputString =
+            XMLUtils.prettyDocumentToString(doc);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Signed message:");
+            LOG.debug(outputString);
+        }
+
+        RequestData data = new RequestData();
+        data.setWssConfig(WSSConfig.getNewInstance());
+        data.setSigVerCrypto(crypto);
+
+        WSSecurityEngine newSecEngine = new WSSecurityEngine();
+        WSHandlerResult results =
             newSecEngine.processSecurityHeader(doc, data);
         assertTrue(handler.checkResults(results.getResults(),
                                         Collections.singletonList(WSConstants.SIGN)));



Mime
View raw message