ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1862433 - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/wss4j/common/crypto/ ws-security-common/src/main/java/org/apache/wss4j/common/saml/ ws-security-common/src/main/java/org/apache/wss4j/common/util/ ws-securi...
Date Tue, 02 Jul 2019 14:42:08 GMT
Author: coheigea
Date: Tue Jul  2 14:42:08 2019
New Revision: 1862433

URL: http://svn.apache.org/viewvc?rev=1862433&view=rev
Log:
Changing some warnings to log at warn rather than fine

Modified:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/AlgorithmSuiteValidator.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/DateUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/AlgorithmSuiteValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/AlgorithmSuiteValidator.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/AlgorithmSuiteValidator.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/AlgorithmSuiteValidator.java
Tue Jul  2 14:42:08 2019
@@ -56,7 +56,7 @@ public class AlgorithmSuiteValidator {
         Set<String> allowedSignatureMethods = algorithmSuite.getSignatureMethods();
         if (!allowedSignatureMethods.isEmpty()
             && !allowedSignatureMethods.contains(signatureMethod)) {
-            LOG.debug(
+            LOG.warn(
                 "SignatureMethod " + signatureMethod + " does not match required values"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -71,7 +71,7 @@ public class AlgorithmSuiteValidator {
     ) throws WSSecurityException {
         Set<String> allowedC14nAlgorithms = algorithmSuite.getC14nAlgorithms();
         if (!allowedC14nAlgorithms.isEmpty() && !allowedC14nAlgorithms.contains(c14nAlgorithm))
{
-            LOG.debug(
+            LOG.warn(
                 "C14nMethod " + c14nAlgorithm + " does not match required value"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -101,7 +101,7 @@ public class AlgorithmSuiteValidator {
             Set<String> allowedDigestAlgorithms = algorithmSuite.getDigestAlgorithms();
             if (!allowedDigestAlgorithms.isEmpty()
                     && !allowedDigestAlgorithms.contains(digestMethod)) {
-                LOG.debug(
+                LOG.warn(
                     "DigestMethod " + digestMethod + " does not match required value"
                 );
                 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -115,7 +115,7 @@ public class AlgorithmSuiteValidator {
                         algorithmSuite.getTransformAlgorithms();
                 if (!allowedTransformAlgorithms.isEmpty()
                         && !allowedTransformAlgorithms.contains(algorithm)) {
-                    LOG.debug(
+                    LOG.warn(
                         "Transform method " + algorithm + " does not match required value"
                     );
                     throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -130,7 +130,7 @@ public class AlgorithmSuiteValidator {
         Set<String> keyWrapAlgorithms = algorithmSuite.getKeyWrapAlgorithms();
         if (!keyWrapAlgorithms.isEmpty()
             && !keyWrapAlgorithms.contains(keyWrapAlgorithm)) {
-            LOG.debug(
+            LOG.warn(
                 "The Key transport method does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -143,7 +143,7 @@ public class AlgorithmSuiteValidator {
         Set<String> encryptionMethods = algorithmSuite.getEncryptionMethods();
         if (!encryptionMethods.isEmpty()
             && !encryptionMethods.contains(symmetricAlgorithm)) {
-            LOG.debug(
+            LOG.warn(
                 "The encryption algorithm does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -191,7 +191,7 @@ public class AlgorithmSuiteValidator {
             int modulus = ((RSAPublicKey)publicKey).getModulus().bitLength();
             if (modulus < algorithmSuite.getMinimumAsymmetricKeyLength()
                 || modulus > algorithmSuite.getMaximumAsymmetricKeyLength()) {
-                LOG.debug(
+                LOG.warn(
                     "The asymmetric key length does not match the requirement"
                 );
                 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -200,13 +200,13 @@ public class AlgorithmSuiteValidator {
             int length = ((DSAPublicKey)publicKey).getParams().getP().bitLength();
             if (length < algorithmSuite.getMinimumAsymmetricKeyLength()
                 || length > algorithmSuite.getMaximumAsymmetricKeyLength()) {
-                LOG.debug(
+                LOG.warn(
                     "The asymmetric key length does not match the requirement"
                 );
                 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
             }
         } else {
-            LOG.debug(
+            LOG.warn(
                 "An unknown public key was provided"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -221,7 +221,7 @@ public class AlgorithmSuiteValidator {
     ) throws WSSecurityException {
         if (secretKeyLength < (algorithmSuite.getMinimumSymmetricKeyLength() / 8)
             || secretKeyLength > (algorithmSuite.getMaximumSymmetricKeyLength() / 8))
{
-            LOG.debug(
+            LOG.warn(
                 "The symmetric key length does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
@@ -236,7 +236,7 @@ public class AlgorithmSuiteValidator {
     ) throws WSSecurityException {
         int requiredKeyLength = algorithmSuite.getSignatureDerivedKeyLength();
         if (requiredKeyLength > 0 && (derivedKeyLength / 8) != requiredKeyLength)
{
-            LOG.debug(
+            LOG.warn(
                 "The signature derived key length of " + derivedKeyLength + " does not match"
                 + "the requirement of " + requiredKeyLength
             );
@@ -251,7 +251,7 @@ public class AlgorithmSuiteValidator {
     ) throws WSSecurityException {
         int requiredKeyLength = algorithmSuite.getEncryptionDerivedKeyLength();
         if (requiredKeyLength > 0 && (derivedKeyLength / 8) != requiredKeyLength)
{
-            LOG.debug(
+            LOG.warn(
                 "The encryption derived key length of " + derivedKeyLength + " does not match"
                 + "the requirement of " + requiredKeyLength
             );
@@ -267,7 +267,7 @@ public class AlgorithmSuiteValidator {
         Set<String> derivedKeyAlgorithms = algorithmSuite.getDerivedKeyAlgorithms();
         if (!derivedKeyAlgorithms.isEmpty()
             && !derivedKeyAlgorithms.contains(algorithm)) {
-            LOG.debug(
+            LOG.warn(
                 "The Derived Key Algorithm does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/saml/SamlAssertionWrapper.java
Tue Jul  2 14:42:08 2019
@@ -829,13 +829,13 @@ public class SamlAssertionWrapper {
             DateTime currentTime = new DateTime();
             currentTime = currentTime.plusSeconds(futureTTL);
             if (validFrom.isAfter(currentTime)) {
-                LOG.debug("SAML Token condition (Not Before) not met");
+                LOG.warn("SAML Token condition (Not Before) not met");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
             }
         }
 
         if (validTill != null && validTill.isBeforeNow()) {
-            LOG.debug("SAML Token condition (Not On Or After) not met");
+            LOG.warn("SAML Token condition (Not On Or After) not met");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }
     }
@@ -861,7 +861,7 @@ public class SamlAssertionWrapper {
         if (issueInstant != null) {
             DateTime currentTime = new DateTime().plusSeconds(futureTTL);
             if (issueInstant.isAfter(currentTime)) {
-                LOG.debug("SAML Token IssueInstant not met");
+                LOG.warn("SAML Token IssueInstant not met");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
             }
 
@@ -870,7 +870,7 @@ public class SamlAssertionWrapper {
                 currentTime = new DateTime().minusSeconds(ttl);
 
                 if (issueInstant.isBefore(currentTime)) {
-                    LOG.debug("SAML Token IssueInstant not met. The assertion was created
too long ago.");
+                    LOG.warn("SAML Token IssueInstant not met. The assertion was created
too long ago.");
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
"invalidSAMLsecurity");
                 }
             }
@@ -987,13 +987,13 @@ public class SamlAssertionWrapper {
         DateTime currentTime = new DateTime();
         currentTime = currentTime.plusSeconds(futureTTL);
         if (authnInstant.isAfter(currentTime)) {
-            LOG.debug("SAML Token AuthnInstant not met");
+            LOG.warn("SAML Token AuthnInstant not met");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }
 
         // Stale SessionNotOnOrAfter
         if (sessionNotOnOrAfter != null && sessionNotOnOrAfter.isBeforeNow()) {
-            LOG.debug("SAML Token SessionNotOnOrAfter not met");
+            LOG.warn("SAML Token SessionNotOnOrAfter not met");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }
 
@@ -1001,7 +1001,7 @@ public class SamlAssertionWrapper {
         if (subjectLocalityAddress != null
             && !(InetAddressUtils.isIPv4Address(subjectLocalityAddress)
                 || InetAddressUtils.isIPv6Address(subjectLocalityAddress))) {
-            LOG.debug("SAML Token SubjectLocality address is not valid: " + subjectLocalityAddress);
+            LOG.warn("SAML Token SubjectLocality address is not valid: " + subjectLocalityAddress);
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }
     }

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/DateUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/DateUtil.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/DateUtil.java
(original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/wss4j/common/util/DateUtil.java
Tue Jul  2 14:42:08 2019
@@ -23,12 +23,12 @@ import java.time.Instant;
 import java.time.format.DateTimeFormatter;
 
 public final class DateUtil {
-    
+
     private static final org.slf4j.Logger LOG =
             org.slf4j.LoggerFactory.getLogger(DateUtil.class);
-    
+
     private static final DateTimeFormatter MILLISECOND_FORMATTER = DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
-    
+
     private static final DateTimeFormatter SECOND_FORMATTER = DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HH:mm:ss'Z'");
 
     private DateUtil() {
@@ -54,20 +54,20 @@ public final class DateUtil {
 
         Instant validCreation = Instant.now();
         if (futureTimeToLive > 0) {
-            validCreation = validCreation.plusSeconds((long)futureTimeToLive);
+            validCreation = validCreation.plusSeconds(futureTimeToLive);
         }
         // Check to see if the created time is in the future
         if (created.isAfter(validCreation)) {
-            LOG.debug("Validation of Created: The message was created in the future!");
+            LOG.warn("Validation of Created: The message was created in the future!");
             return false;
         }
 
         // Calculate the time that is allowed for the message to travel
-        validCreation = Instant.now().minusSeconds((long)timeToLive);
+        validCreation = Instant.now().minusSeconds(timeToLive);
 
         // Validate the time it took the message to travel
         if (created.isBefore(validCreation)) {
-            LOG.debug("Validation of Created: The message was created too long ago");
+            LOG.warn("Validation of Created: The message was created too long ago");
             return false;
         }
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/token/UsernameToken.java
Tue Jul  2 14:42:08 2019
@@ -583,7 +583,7 @@ public class UsernameToken {
      */
     public byte[] getDerivedKey(BSPEnforcer bspEnforcer, String rawPassword) throws WSSecurityException
{
         if (rawPassword == null) {
-            LOG.debug("The raw password was null");
+            LOG.warn("The raw password was null");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
         }
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/EncryptedKeyProcessor.java
Tue Jul  2 14:42:08 2019
@@ -570,7 +570,7 @@ public class EncryptedKeyProcessor imple
 
         // EncryptionAlgorithm cannot be null
         if (symEncAlgo == null) {
-            LOG.debug("No encryption algorithm was specified in the request");
+            LOG.warn("No encryption algorithm was specified in the request");
             throw new WSSecurityException(WSSecurityException.ErrorCode.UNSUPPORTED_ALGORITHM,
"badEncAlgo",
                                           new Object[] {null});
 

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SignatureProcessor.java
Tue Jul  2 14:42:08 2019
@@ -375,7 +375,7 @@ public class SignatureProcessor implemen
             // Log the exact signature error
             //
             if (LOG.isDebugEnabled()) {
-                LOG.debug("XML Signature verification has failed");
+                LOG.warn("XML Signature verification has failed");
                 boolean signatureValidationCheck =
                     xmlSignature.getSignatureValue().validate(context);
                 LOG.debug("Signature Validation check: " + signatureValidationCheck);

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
Tue Jul  2 14:42:08 2019
@@ -134,11 +134,11 @@ public class SamlAssertionValidator exte
         List<String> methods = samlAssertion.getConfirmationMethods();
         if (methods == null || methods.isEmpty()) {
             if (requiredSubjectConfirmationMethod != null) {
-                LOG.debug("A required subject confirmation method was not present");
+                LOG.warn("A required subject confirmation method was not present");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
             } else if (requireStandardSubjectConfirmationMethod) {
-                LOG.debug("A standard subject confirmation method was not present");
+                LOG.warn("A standard subject confirmation method was not present");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
             }
@@ -150,13 +150,13 @@ public class SamlAssertionValidator exte
         for (String method : methods) {
             if (OpenSAMLUtil.isMethodHolderOfKey(method)) {
                 if (samlAssertion.getSubjectKeyInfo() == null) {
-                    LOG.debug("There is no Subject KeyInfo to match the holder-of-key subject
conf method");
+                    LOG.warn("There is no Subject KeyInfo to match the holder-of-key subject
conf method");
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
"noKeyInSAMLToken");
                 }
 
                 // The assertion must have been signed for HOK
                 if (!signed) {
-                    LOG.debug("A holder-of-key assertion must be signed");
+                    LOG.warn("A holder-of-key assertion must be signed");
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
"invalidSAMLsecurity");
                 }
                 standardMethodFound = true;
@@ -170,7 +170,7 @@ public class SamlAssertionValidator exte
                     || SAML1Constants.CONF_BEARER.equals(method)) {
                     standardMethodFound = true;
                     if (requireBearerSignature && !signed) {
-                        LOG.debug("A Bearer Assertion was not signed");
+                        LOG.warn("A Bearer Assertion was not signed");
                         throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                                       "invalidSAMLsecurity");
                     }
@@ -182,13 +182,13 @@ public class SamlAssertionValidator exte
         }
 
         if (!requiredMethodFound && requiredSubjectConfirmationMethod != null) {
-            LOG.debug("A required subject confirmation method was not present");
+            LOG.warn("A required subject confirmation method was not present");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
         }
 
         if (!standardMethodFound && requireStandardSubjectConfirmationMethod) {
-            LOG.debug("A standard subject confirmation method was not present");
+            LOG.warn("A standard subject confirmation method was not present");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                       "invalidSAMLsecurity");
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/UsernameTokenValidator.java
Tue Jul  2 14:42:08 2019
@@ -72,7 +72,7 @@ public class UsernameTokenValidator impl
         LOG.debug("UsernameToken password type {}", pwType);
 
         if (requiredPasswordType != null && !requiredPasswordType.equals(pwType))
{
-            LOG.debug("Authentication failed as the received password type does not "
+            LOG.warn("Authentication failed as the received password type does not "
                 + "match the required password type of: {}", requiredPasswordType);
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
         }
@@ -90,7 +90,7 @@ public class UsernameTokenValidator impl
             verifyPlaintextPassword(usernameToken, data);
         } else if (password != null) {
             if (!handleCustomPasswordTypes) {
-                LOG.debug("Authentication failed as handleCustomUsernameTokenTypes is false");
+                LOG.warn("Authentication failed as handleCustomUsernameTokenTypes is false");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
             }
             verifyCustomPassword(usernameToken, data);
@@ -162,7 +162,7 @@ public class UsernameTokenValidator impl
         }
         String origPassword = pwCb.getPassword();
         if (origPassword == null) {
-            LOG.debug("Callback supplied no password for: {}", user);
+            LOG.warn("Callback supplied no password for: {}", user);
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
         }
         if (usernameToken.isHashed()) {
@@ -195,7 +195,7 @@ public class UsernameTokenValidator impl
 
         boolean allowUsernameTokenDerivedKeys = data.isAllowUsernameTokenNoPassword();
         if (!allowUsernameTokenDerivedKeys) {
-            LOG.debug("Authentication failed as the received UsernameToken does not "
+            LOG.warn("Authentication failed as the received UsernameToken does not "
                 + "contain any password element");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
         }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/DecryptInputProcessor.java
Tue Jul  2 14:42:08 2019
@@ -260,7 +260,7 @@ public class DecryptInputProcessor exten
         String encryptionAlgorithm = encryptedDataType.getEncryptionMethod().getAlgorithm();
         if (this.getSecurityProperties().getEncryptionSymAlgorithm() != null
             && !this.getSecurityProperties().getEncryptionSymAlgorithm().equals(encryptionAlgorithm))
{
-            LOG.debug(
+            LOG.warn(
                 "The Key encryption method does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSEncryptedKeyInputHandler.java
Tue Jul  2 14:42:08 2019
@@ -56,7 +56,7 @@ public class WSSEncryptedKeyInputHandler
             && encryptionMethodType != null) {
             String encryptionMethod = encryptionMethodType.getAlgorithm();
             if (!securityProperties.getEncryptionKeyTransportAlgorithm().equals(encryptionMethod))
{
-                LOG.debug(
+                LOG.warn(
                     "The Key transport method does not match the requirement"
                 );
                 throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/WSSSignatureInputHandler.java
Tue Jul  2 14:42:08 2019
@@ -68,7 +68,7 @@ public class WSSSignatureInputHandler ex
         String algorithm = signatureType.getSignedInfo().getSignatureMethod().getAlgorithm();
         if (securityProperties.getSignatureAlgorithm() != null
             && !securityProperties.getSignatureAlgorithm().equals(algorithm)) {
-            LOG.debug(
+            LOG.warn(
                 "The Signature method does not match the requirement"
             );
             throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
Tue Jul  2 14:42:08 2019
@@ -156,11 +156,11 @@ public class SamlTokenValidatorImpl exte
         List<String> methods = samlAssertion.getConfirmationMethods();
         if (methods == null || methods.isEmpty()) {
             if (requiredSubjectConfirmationMethod != null) {
-                LOG.debug("A required subject confirmation method was not present");
+                LOG.warn("A required subject confirmation method was not present");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
             } else if (requireStandardSubjectConfirmationMethod) {
-                LOG.debug("A standard subject confirmation method was not present");
+                LOG.warn("A standard subject confirmation method was not present");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
             }
@@ -173,7 +173,7 @@ public class SamlTokenValidatorImpl exte
             // The assertion must have been signed for HOK
             if (OpenSAMLUtil.isMethodHolderOfKey(method)) {
                 if (!signed) {
-                    LOG.debug("A holder-of-key assertion must be signed");
+                    LOG.warn("A holder-of-key assertion must be signed");
                     throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                                   "invalidSAMLsecurity");
                 }
@@ -188,7 +188,7 @@ public class SamlTokenValidatorImpl exte
                     || SAML1Constants.CONF_BEARER.equals(method)) {
                     standardMethodFound = true;
                     if (requireBearerSignature && !signed) {
-                        LOG.debug("A Bearer Assertion was not signed");
+                        LOG.warn("A Bearer Assertion was not signed");
                         throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                                       "invalidSAMLsecurity");
                     }
@@ -200,13 +200,13 @@ public class SamlTokenValidatorImpl exte
         }
 
         if (!requiredMethodFound && requiredSubjectConfirmationMethod != null) {
-            LOG.debug("A required subject confirmation method was not present");
+            LOG.warn("A required subject confirmation method was not present");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                           "invalidSAMLsecurity");
         }
 
         if (!standardMethodFound && requireStandardSubjectConfirmationMethod) {
-            LOG.debug("A standard subject confirmation method was not present");
+            LOG.warn("A standard subject confirmation method was not present");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE,
                                       "invalidSAMLsecurity");
         }

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java?rev=1862433&r1=1862432&r2=1862433&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/UsernameTokenValidatorImpl.java
Tue Jul  2 14:42:08 2019
@@ -63,14 +63,14 @@ public class UsernameTokenValidatorImpl
             tokenContext.getWssSecurityProperties().getUsernameTokenPasswordType();
         if (requiredPasswordType != null) {
             if (passwordType == null || passwordType.getType() == null) {
-                LOG.debug("Authentication failed as the received password type does not "
+                LOG.warn("Authentication failed as the received password type does not "
                     + "match the required password type of: {}", requiredPasswordType);
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
             }
             WSSConstants.UsernameTokenPasswordType usernameTokenPasswordType =
                 WSSConstants.UsernameTokenPasswordType.getUsernameTokenPasswordType(passwordType.getType());
             if (requiredPasswordType != usernameTokenPasswordType) {
-                LOG.debug("Authentication failed as the received password type does not "
+                LOG.warn("Authentication failed as the received password type does not "
                     + "match the required password type of: {}", requiredPasswordType);
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION);
             }



Mime
View raw message