ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1790556 - in /webservices/wss4j/trunk: ./ ws-security-dom/src/main/java/org/apache/wss4j/dom/message/ ws-security-dom/src/main/java/org/apache/wss4j/dom/util/ ws-security-dom/src/test/java/org/apache/wss4j/dom/common/ ws-security-dom/src/t...
Date Fri, 07 Apr 2017 13:47:11 GMT
Author: coheigea
Date: Fri Apr  7 13:47:11 2017
New Revision: 1790556

URL: http://svn.apache.org/viewvc?rev=1790556&view=rev
Log:
WSS-605 - Ensure the ws-security-dom can work with the saaj impl in latest Java9 EA kit
 - Thanks to Freeman Fang for the patch

Modified:
    webservices/wss4j/trunk/pom.xml
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SOAPUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java

Modified: webservices/wss4j/trunk/pom.xml
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/pom.xml?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/pom.xml (original)
+++ webservices/wss4j/trunk/pom.xml Fri Apr  7 13:47:11 2017
@@ -396,7 +396,7 @@
                                 <includes>
                                     <include>**/*Test.java</include>
                                 </includes>
-                                <argLine>-Xmx2000m --add-modules java.xml.bind --add-opens
java.base/java.lang.reflect=ALL-UNNAMED</argLine>
+                                <argLine>-Xmx2000m --add-modules java.xml.bind,java.xml.ws
--add-opens java.base/java.lang.reflect=ALL-UNNAMED --add-exports=java.xml.ws/com.sun.xml.internal.messaging.saaj.soap.impl=ALL-UNNAMED
--add-exports=java.xml.ws/com.sun.xml.internal.messaging.saaj.soap=ALL-UNNAMED</argLine>
                                 <systemPropertyVariables>
                                     <java.io.tmpdir>${basedir}/target</java.io.tmpdir>
                                 </systemPropertyVariables>

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/Encryptor.java
Fri Apr  7 13:47:11 2017
@@ -266,7 +266,7 @@ public class Encryptor {
         encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm);
 
         encryptedData.appendChild(encryptionMethod);
-        encryptedData.appendChild(keyInfo.getElement().cloneNode(true));
+        encryptedData.appendChild(WSSecurityUtil.cloneElement(doc, keyInfo.getElement()));
 
         Element cipherData =
             doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData");
@@ -375,7 +375,7 @@ public class Encryptor {
             encryptionMethod.setAttributeNS(null, "Algorithm", encryptionAlgorithm);
 
             encryptedData.appendChild(encryptionMethod);
-            encryptedData.appendChild(keyInfo.getElement().cloneNode(true));
+            encryptedData.appendChild(WSSecurityUtil.cloneElement(doc, keyInfo.getElement()));
 
             Element cipherData =
                 doc.createElementNS(WSConstants.ENC_NS, WSConstants.ENC_PREFIX + ":CipherData");

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecHeader.java
Fri Apr  7 13:47:11 2017
@@ -92,6 +92,15 @@ public class WSSecHeader {
     public void setMustUnderstand(boolean mu) {
         mustunderstand = mu;
     }
+    
+    /**
+     * Get the security header document of this instance.
+     *
+     * @return The security header element.
+     */
+    public Document getSecurityHeaderDoc() {
+        return this.doc;
+    }
 
     /**
      * Get the security header element of this instance.

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecSignatureBase.java
Fri Apr  7 13:47:11 2017
@@ -34,6 +34,7 @@ import javax.xml.crypto.dsig.XMLSignatur
 import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
 import javax.xml.crypto.dsig.spec.TransformParameterSpec;
 
+
 import org.apache.wss4j.common.WSEncryptionPart;
 import org.apache.wss4j.common.ext.Attachment;
 import org.apache.wss4j.common.ext.AttachmentRequestCallback;
@@ -238,10 +239,10 @@ public class WSSecSignatureBase extends
                 // Clone the Element to be signed + insert the clone into the tree at the
same level
                 // We will expand the xop:Include for one of the nodes + sign that (and then
remove it),
                 // while leaving the original in the tree to be sent in the message
-                Element clonedElement = (Element)element.cloneNode(true);
-                element.getParentNode().appendChild(clonedElement);
+                                
                 clonedElements.add(element);
-
+                Document doc = this.getSecurityHeader().getSecurityHeaderDoc();
+                element.getParentNode().appendChild(WSSecurityUtil.cloneElement(doc, element));
                 WSSecurityUtil.inlineAttachments(includeElements, attachmentCallbackHandler,
false);
             }
         }

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
Fri Apr  7 13:47:11 2017
@@ -42,10 +42,13 @@ import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.Text;
 
+//import com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl;
+
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Method;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
@@ -57,17 +60,41 @@ import javax.security.auth.callback.Call
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 
+
 /**
  * WS-Security Utility methods. <p/>
  */
 public final class WSSecurityUtil {
+    
+    private static boolean isJava9SAAJ = false;
+        
     private static final org.slf4j.Logger LOG =
         org.slf4j.LoggerFactory.getLogger(WSSecurityUtil.class);
+    
+    static {
+        if (System.getProperty("java.version").startsWith("9")) {
+            
+            try {
+                Method[] methods = WSSecurityUtil.class.getClassLoader().
+                    loadClass("com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl").getMethods();
+                for (Method method : methods) {
+                    if (method.getName().equals("register")) {
+                        //this is the SAAJ impl in JDK9
+                        isJava9SAAJ = true;
+                        break;
+                    }
+                }
+            } catch (ClassNotFoundException cnfe) {
+                LOG.debug("can't load class com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl",
cnfe);
+            }
+        }
+    }
 
     private WSSecurityUtil() {
         // Complete
     }
-
+    
+    
     public static Element getSOAPHeader(Document doc) {
         String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
         return
@@ -251,7 +278,7 @@ public final class WSSecurityUtil {
      * @param localName of the new element
      * @return the new element
      */
-    private static Element createElementInSameNamespace(Element parent, String localName)
{
+    private static Element createElementInSameNamespace(Node parent, String localName) {
         String qName = localName;
         String prefix = parent.getPrefix();
         if (prefix != null && prefix.length() > 0) {
@@ -261,6 +288,8 @@ public final class WSSecurityUtil {
         String nsUri = parent.getNamespaceURI();
         return parent.getOwnerDocument().createElementNS(nsUri, qName);
     }
+    
+    
 
 
     /**
@@ -275,10 +304,16 @@ public final class WSSecurityUtil {
         Element child
     ) {
         Node firstChild = parent.getFirstChild();
+        Element domChild = null;
+        try {
+            domChild = (Element)getDomElement(child);
+        } catch (WSSecurityException e) {
+            LOG.debug("Error when try to get Dom Element from the child", e);
+        }
         if (firstChild == null) {
-            return (Element)parent.appendChild(child);
+            return (Element)parent.appendChild(domChild);
         } else {
-            return (Element)parent.insertBefore(child, firstChild);
+            return (Element)parent.insertBefore(domChild, firstChild);
         }
     }
 
@@ -323,8 +358,34 @@ public final class WSSecurityUtil {
             );
         if (header == null) { // no SOAP header at all
             if (doCreate) {
-                header = createElementInSameNamespace(envelope, WSConstants.ELEM_HEADER);
-                header = prependChildElement(envelope, header);
+                if (isJava9SAAJ) {
+                    try {
+                        Node node = null;
+                        try {
+                            Method method = doc.getClass().getMethod("getEnvelope");
+                            node = (Node)method.invoke(doc);
+                        } catch (java.lang.NoSuchMethodException nsme) {
+                            //node the SAAJ node, use
+                            node = null;
+                        }
+                        if (node != null) {
+                            header = createElementInSameNamespace(node, WSConstants.ELEM_HEADER);
+                        } else {
+                            header = createElementInSameNamespace(doc.getDocumentElement(),
WSConstants.ELEM_HEADER);
+                        }
+                        doc.importNode(header, true);
+                        header = (Element)getDomElement(header);
+                        header = prependChildElement(envelope, header);
+                        
+                    } catch (Exception e) {
+                        e.printStackTrace();
+                        throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
+                    }
+                    
+                } else {
+                    header = createElementInSameNamespace(envelope, WSConstants.ELEM_HEADER);
+                    header = prependChildElement(envelope, header);
+                }
             } else {
                 return null;
             }
@@ -368,6 +429,9 @@ public final class WSSecurityUtil {
         } else if (doCreate) {
             foundSecurityHeader = doc.createElementNS(WSConstants.WSSE_NS, "wsse:Security");
             foundSecurityHeader.setAttributeNS(WSConstants.XMLNS_NS, "xmlns:wsse", WSConstants.WSSE_NS);
+            doc.importNode(foundSecurityHeader, true);
+            foundSecurityHeader = (Element)getDomElement(foundSecurityHeader);
+            
             return prependChildElement(header, foundSecurityHeader);
         }
         return null;
@@ -543,6 +607,44 @@ public final class WSSecurityUtil {
             }
         }
     }
+    
+    /**
+     * Register the javax.xml.soap.Node with new Cloned Dom Node with java9
+     * @param doc The SOAPDocumentImpl
+     * @param clonedElement The cloned Element
+     * @return new clonedElement which already associated with the SAAJ Node 
+     * @throws WSSecurityException
+     */
+    public static Element cloneElement(Document doc, Element clonedElement) throws WSSecurityException
{
+        clonedElement = (Element)clonedElement.cloneNode(true);
+        if (isJava9SAAJ) {
+            // here we need regiter the javax.xml.soap.Node with new instance
+            clonedElement = (Element)doc.importNode(clonedElement, true);
+            clonedElement = (Element)getDomElement(clonedElement);
+        }
+        return clonedElement;
+    }
+    
+    /**
+     * Try to get the DOM Node from the SAAJ Node with JAVA9 
+     * @param node The original node we need check
+     * @return The DOM node
+     * @throws WSSecurityException
+     */
+    private static Node getDomElement(Node node) throws WSSecurityException {
+        if (node != null && isJava9SAAJ) {
+            
+            try {
+                Method method = node.getClass().getMethod("getDomElement");
+                node = (Node)method.invoke(node);
+            } catch (NoSuchMethodException e) {
+                LOG.debug("Not the saaj node with java9");
+            } catch (Exception e) {
+                throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY);
+            }
+        }
+        return node;
+    }
 
     public static byte[] getBytesFromAttachment(
         String xopUri, RequestData data

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SOAPUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SOAPUtil.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SOAPUtil.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SOAPUtil.java
Fri Apr  7 13:47:11 2017
@@ -21,6 +21,8 @@ package org.apache.wss4j.dom.common;
 
 import javax.xml.parsers.DocumentBuilder;
 import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.soap.MessageFactory;
+
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
@@ -39,11 +41,20 @@ public class SOAPUtil {
         +       "</add>"
         +   "</SOAP-ENV:Body>"
         + "</SOAP-ENV:Envelope>";
+    
+    private static final org.slf4j.Logger LOG =
+        org.slf4j.LoggerFactory.getLogger(SOAPUtil.class);
 
     private static DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+    private static MessageFactory saajFactory = null;
 
     static {
         factory.setNamespaceAware(true);
+        try {
+            saajFactory = MessageFactory.newInstance();
+        } catch (Exception e) {
+            LOG.debug("can't create SAAJ MessageFactory", e);
+        }
     }
 
     /**
@@ -55,5 +66,15 @@ public class SOAPUtil {
             return builder.parse(in);
         }
     }
+    
+    
+    /**
+     * Convert an SOAP Envelope as a String to a javax.xml.soap.SOAPPart.
+     */
+    public static javax.xml.soap.SOAPPart toSAAJSOAPPart(String xml) throws Exception {
+        try (InputStream in = new ByteArrayInputStream(xml.getBytes())) {
+            return saajFactory.createMessage(null, in).getSOAPPart();
+        }
+    }
 
 }

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java?rev=1790556&r1=1790555&r2=1790556&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/saml/SamlTokenActionTest.java
Fri Apr  7 13:47:11 2017
@@ -104,6 +104,43 @@ public class SamlTokenActionTest extends
     }
 
     @Test
+    public void testAssertionActionWithSAAJ() throws Exception {
+        final WSSConfig cfg = WSSConfig.getNewInstance();
+        final RequestData reqData = new RequestData();
+        reqData.setWssConfig(cfg);
+        reqData.setUsername("wss40");
+
+        CallbackHandler callbackHandler = new KeystoreCallbackHandler();
+
+        SAML1CallbackHandler samlCallbackHandler = new SAML1CallbackHandler();
+        samlCallbackHandler.setStatement(SAML1CallbackHandler.Statement.AUTHN);
+        samlCallbackHandler.setIssuer("www.example.com");
+
+        java.util.Map<String, Object> config = new java.util.TreeMap<String, Object>();
+        config.put(WSHandlerConstants.SIG_PROP_FILE, "wss40.properties");
+        config.put(WSHandlerConstants.PW_CALLBACK_REF, callbackHandler);
+        config.put(WSHandlerConstants.SAML_CALLBACK_REF, samlCallbackHandler);
+        reqData.setMsgContext(config);
+
+        final Document doc = SOAPUtil.toSAAJSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+        CustomHandler handler = new CustomHandler();
+        HandlerAction action = new HandlerAction(WSConstants.ST_UNSIGNED);
+        handler.send(
+            doc,
+            reqData,
+            Collections.singletonList(action),
+            true
+        );
+        if (LOG.isDebugEnabled()) {
+            String outputString = XMLUtils.prettyDocumentToString(doc);
+            LOG.debug(outputString);
+        }
+
+        verify(doc, callbackHandler);
+    }
+    
+    
+    @Test
     public void testSignedAssertionAction() throws Exception {
         final WSSConfig cfg = WSSConfig.getNewInstance();
         final RequestData reqData = new RequestData();



Mime
View raw message