Author: coheigea
Date: Fri Jan 6 12:36:41 2012
New Revision: 1228152
URL: http://svn.apache.org/viewvc?rev=1228152&view=rev
Log:
Added a fix to be able to process keys derived from a UsernameToken for
decryption
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java?rev=1228152&r1=1228151&r2=1228152&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecEncrypt.java
Fri Jan 6 12:36:41 2012
@@ -553,7 +553,7 @@ public class WSSecEncrypt extends WSSecE
secToken.setReference(ref);
if (KerberosSecurity.isKerberosToken(customReferenceValue)) {
secToken.addTokenType(customReferenceValue);
- } else {
+ } else if
(!WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE.equals(customReferenceValue)) {
secToken.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
}
keyInfo.addUnknownElement(secToken.getElement());
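Review bot: The new `else if` leaves a third, silent case in which `secToken.addTokenType(...)` is never called, and nothing in the code says that this is deliberate. When `customReferenceValue` equals `WSConstants.WSS_USERNAME_TOKEN_VALUE_TYPE`, the reference is now written without any token type, which a later reader could easily mistake for an oversight and "fix" by restoring the plain `else`. A short comment above the condition would record the intent, for example `// UsernameToken reference: the key is derived from the token, so it must not be labelled as an EncryptedKey`. The wording assumes the commit log's description of the change and should be confirmed against the receiving side. The enclosing method starts and ends outside this hunk, so how `customReferenceValue` is set and validated is not visible here.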
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java?rev=1228152&r1=1228151&r2=1228152&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SecurityTokenRefSTRParser.java
Fri Jan 6 12:36:41 2012
@@ -31,6 +31,7 @@ import org.apache.ws.security.message.to
import org.apache.ws.security.message.token.DerivedKeyToken;
import org.apache.ws.security.message.token.Reference;
import org.apache.ws.security.message.token.SecurityTokenReference;
+import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.processor.Processor;
import org.apache.ws.security.saml.SAMLKeyInfo;
import org.apache.ws.security.saml.SAMLUtil;
@@ -313,7 +314,16 @@ public class SecurityTokenRefSTRParser i
getSecretKeyFromAssertion(assertion, secRef, data, wsDocInfo,
bspCompliant);
} else if (WSConstants.SCT == action || WSConstants.BST == action) {
secretKey = (byte[])result.get(WSSecurityEngineResult.TAG_SECRET);
- }
+ } else if (WSConstants.UT_NOPASSWORD == action || WSConstants.UT ==
action) {
+ if (bspCompliant) {
+ BSPEnforcer.checkUsernameTokenBSPCompliance(secRef);
+ }
+ UsernameToken usernameToken =
+
(UsernameToken)result.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
+
+ usernameToken.setRawPassword(data);
+ secretKey = usernameToken.getDerivedKey();
+ }
}