date:20160216

cxf git commit: [CXF-6768]InternalContextUtils should bak all the data from the input stream before send back partialResponse

2016-02-16 Thread ffang

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 72547f021 -> afaf1debd


[CXF-6768]InternalContextUtils should bak all the data from the input stream 
before send back partialResponse

(cherry picked from commit 2726b68fa3dbc8a98018cc957bef47a23c9a950e)


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/afaf1deb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/afaf1deb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/afaf1deb

Branch: refs/heads/3.1.x-fixes
Commit: afaf1debd104b7d9850713b866b9f4d58e8dd8d5
Parents: 72547f0
Author: Freeman Fang 
Authored: Wed Feb 17 12:03:14 2016 +0800
Committer: Freeman Fang 
Committed: Wed Feb 17 12:05:22 2016 +0800

--
 .../ws/addressing/impl/InternalContextUtils.java | 19 ++-
 1 file changed, 10 insertions(+), 9 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/afaf1deb/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
--
diff --git 
a/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
 
b/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
index 2c41925..df06173 100644
--- 
a/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
+++ 
b/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
@@ -268,7 +268,15 @@ final class InternalContextUtils {
 exchange.put(ConduitSelector.class,
  new PreexistingConduitSelector(backChannel,
 
exchange.getEndpoint()));
-
+if 
(ContextUtils.retrieveAsyncPostResponseDispatch(inMessage) && !robust) {
+//need to suck in all the data from the input stream as
+//the transport might discard any data on the stream 
when this 
+//thread unwinds or when the empty response is sent 
back
+DelegatingInputStream in = 
inMessage.getContent(DelegatingInputStream.class);
+if (in != null) {
+in.cacheInput();
+}
+}
 if (chain != null && !chain.doIntercept(partialResponse) 
 && partialResponse.getContent(Exception.class) != 
null) {
 if (partialResponse.getContent(Exception.class) 
instanceof Fault) {
@@ -294,14 +302,7 @@ final class InternalContextUtils {
  
 
 if 
(ContextUtils.retrieveAsyncPostResponseDispatch(inMessage) && !robust) {
-//need to suck in all the data from the input stream as
-//the transport might discard any data on the stream 
when this 
-//thread unwinds or when the empty response is sent 
back
-DelegatingInputStream in = 
inMessage.getContent(DelegatingInputStream.class);
-if (in != null) {
-in.cacheInput();
-}
-
+
 // async service invocation required *after* a response
 // has been sent (i.e. to a oneway, or a partial 
response
 // to a decoupled twoway)

cxf git commit: [CXF-6768]InternalContextUtils should bak all the data from the input stream before send back partialResponse

2016-02-16 Thread ffang

Repository: cxf
Updated Branches:
  refs/heads/master 087ae7575 -> 2726b68fa


[CXF-6768]InternalContextUtils should bak all the data from the input stream 
before send back partialResponse


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2726b68f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2726b68f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2726b68f

Branch: refs/heads/master
Commit: 2726b68fa3dbc8a98018cc957bef47a23c9a950e
Parents: 087ae75
Author: Freeman Fang 
Authored: Wed Feb 17 12:03:14 2016 +0800
Committer: Freeman Fang 
Committed: Wed Feb 17 12:03:14 2016 +0800

--
 .../ws/addressing/impl/InternalContextUtils.java | 19 ++-
 1 file changed, 10 insertions(+), 9 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/2726b68f/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
--
diff --git 
a/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
 
b/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
index 2c41925..df06173 100644
--- 
a/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
+++ 
b/rt/ws/addr/src/main/java/org/apache/cxf/ws/addressing/impl/InternalContextUtils.java
@@ -268,7 +268,15 @@ final class InternalContextUtils {
 exchange.put(ConduitSelector.class,
  new PreexistingConduitSelector(backChannel,
 
exchange.getEndpoint()));
-
+if 
(ContextUtils.retrieveAsyncPostResponseDispatch(inMessage) && !robust) {
+//need to suck in all the data from the input stream as
+//the transport might discard any data on the stream 
when this 
+//thread unwinds or when the empty response is sent 
back
+DelegatingInputStream in = 
inMessage.getContent(DelegatingInputStream.class);
+if (in != null) {
+in.cacheInput();
+}
+}
 if (chain != null && !chain.doIntercept(partialResponse) 
 && partialResponse.getContent(Exception.class) != 
null) {
 if (partialResponse.getContent(Exception.class) 
instanceof Fault) {
@@ -294,14 +302,7 @@ final class InternalContextUtils {
  
 
 if 
(ContextUtils.retrieveAsyncPostResponseDispatch(inMessage) && !robust) {
-//need to suck in all the data from the input stream as
-//the transport might discard any data on the stream 
when this 
-//thread unwinds or when the empty response is sent 
back
-DelegatingInputStream in = 
inMessage.getContent(DelegatingInputStream.class);
-if (in != null) {
-in.cacheInput();
-}
-
+
 // async service invocation required *after* a response
 // has been sent (i.e. to a oneway, or a partial 
response
 // to a decoupled twoway)

Nexus: Promotion Completed

2016-02-16 Thread Nexus Repository Manager

Message from: https://repository.apache.orgDeployer properties:"userAgent" = "Apache-Maven/3.3.9 (Java 1.7.0_80; Linux 4.2.0-27-generic)""userId" = "coheigea""ip" = "80.169.137.63"Details:The following artifacts have been promoted to the "Releases" [id=releases] repository/org/apache/cxf/fediz/apache-fediz/1.2.2/apache-fediz-1.2.2.zip(SHA1: 05e2ab64e1f472f17a388ce7033c846f15a7ead9)/org/apache/cxf/fediz/apache-fediz/1.2.2/apache-fediz-1.2.2.pom.asc(SHA1: 295f86ad991e11c70a55b618b207f618fecc4eae)/org/apache/cxf/fediz/apache-fediz/1.2.2/apache-fediz-1.2.2.pom(SHA1: 4fedaaa7f2e912e21bb2e95b14d5c7afef40d02a)/org/apache/cxf/fediz/apache-fediz/1.2.2/apache-fediz-1.2.2.zip.asc(SHA1: 9d6a31995ad606f597466f8f6a928efe3a3d5378)/org/apache/cxf/fediz/fediz-systests/1.2.2/fediz-systests-1.2.2.pom(SHA1: 5f19419b90b60e26c03840f221800b74b101d575)/org/apache/cxf/fediz/fediz-systests/1.2.2/fediz-systests-1.2.2.pom.asc(SHA1: e345d46c5d59d2a64c26a5299237974e08dbb737)/org/apache/cxf/fediz/plugin/1.2.2/plugin-1.2.2.pom(SHA1: d58b798c220f8ac7ba536c6d9c7f4bf06eee9111)/org/apache/cxf/fediz/plugin/1.2.2/plugin-1.2.2.pom.asc(SHA1: d3e13cbf932b282051c6445086272c470cfbc16b)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2.war.asc(SHA1: f93163400ec07dfc09ad2fecba2b3319ddec31c1)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2.war(SHA1: 5866d2d11094a70771b6b3bb11286911d5c418aa)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2-javadoc.jar(SHA1: 11d136106f1b296f34da81c912a48c0dd3ef3202)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2-sources.jar.asc(SHA1: a185a1cc964298d95ebfa7773bb88ca31b04b3bd)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2.pom.asc(SHA1: e888d838e592994514cb6d648cdc6fd6c3461a1d)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2-sources.jar(SHA1: d7fe1e57f42dbe793758173c6a4f0a53442d55f0)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2.pom(SHA1: 8a63ce9661f4e24066b9936b2b5d2c411b29c344)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/fedizservice/1.2.2/fedizservice-1.2.2-javadoc.jar.asc(SHA1: 0fbf716fd32b46602bedf37b75da6ef71fd25407)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2-javadoc.jar.asc(SHA1: 5aad38456a6e1fafb7a31a1891a01d5ca153732c)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2-javadoc.jar(SHA1: 31ef75615852e400fffae907826ed15696da883d)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2.jar.asc(SHA1: 6dccfe76370df929feb8f2ef4046528149f7508a)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2-sources.jar(SHA1: e641d91e6369e37b6202b68175231f851efdb90a)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2-sources.jar.asc(SHA1: 67556558ee5355ae0fde2a46c4e47a88f4238f57)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2.pom(SHA1: 273444c83e6b5c97591a3c1ef57d6af567f5b004)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2.pom.asc(SHA1: 0dbdf4a9459f4ea0c7cfeba6c03dd50723a84ca9)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/common/1.2.2/common-1.2.2.jar(SHA1: e0b20aaeb442152d72ae65d8606f936c0402062f)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/1.2.2/webservice-1.2.2.pom(SHA1: d0209596bcb854db82b695e57465b4858792551f)/org/apache/cxf/fediz/examples/wsclientWebapp/webservice/1.2.2/webservice-1.2.2.pom.asc(SHA1: aa5fee7cfc0ef5887e5ba77f443dbd6765a1c6ba)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2.war.asc(SHA1: 4a99c28c639445332eff7ea666cd0c8eabd201df)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2-sources.jar(SHA1: 62706b9dc14e04c27ea3804d9b890c179a27f0d7)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2-javadoc.jar.asc(SHA1: f9402389db226befd1183a73a45832687e1334e7)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2.pom(SHA1: f964be8dabdbaaf1d169b5d781ebd7a79ea7ee6b)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2-javadoc.jar(SHA1: a486260b941619897a88c5a390b7db9e7ef55c19)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2-sources.jar.asc(SHA1: f40a67703418e59fb8e0e0abda1d3842275e8319)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2.war(SHA1: 17489f9ee4c24f34827b36e70c05e683d9ffdb94)/org/apache/cxf/fediz/examples/wsclientWebapp/webapp/1.2.2/webapp-1.2.2.pom.asc(SHA1: a035e7b684e8848bc20fde0d467375196b51c67a)/org/apache/cxf/fediz/examples/wsclientWebapp/1.2.2/wsclientWebapp-1.2.2.pom(SHA1:

cxf git commit: [CXF-5439, CXF-6779] Adding a CXF Provider annotation, marking Swagger2Feature, updating Spring Boot demo

2016-02-16 Thread sergeyb

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes d3e47e330 -> 72547f021


[CXF-5439,CXF-6779] Adding a CXF Provider annotation, marking Swagger2Feature, 
updating Spring Boot demo


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/72547f02
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/72547f02
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/72547f02

Branch: refs/heads/3.1.x-fixes
Commit: 72547f021ffb15dbb0642515e830272ff48bacd5
Parents: d3e47e3
Author: Sergey Beryozkin 
Authored: Tue Feb 16 17:01:48 2016 +
Committer: Sergey Beryozkin 
Committed: Tue Feb 16 17:18:24 2016 +

--
 .../org/apache/cxf/annotations/Provider.java| 34 +++
 .../samples/jax_rs/jaxrs_spring_boot/pom.xml| 19 +--
 .../java/sample/rs/service/HelloService.java|  4 +-
 .../rs/service/SampleScanRestApplication.java   | 13 +++--
 .../AbstractSpringComponentScanServer.java  | 60 ++--
 .../AbstractSpringConfigurationFactory.java |  2 +-
 .../cxf/jaxrs/swagger/Swagger2Feature.java  |  3 +
 7 files changed, 119 insertions(+), 16 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/72547f02/core/src/main/java/org/apache/cxf/annotations/Provider.java
--
diff --git a/core/src/main/java/org/apache/cxf/annotations/Provider.java 
b/core/src/main/java/org/apache/cxf/annotations/Provider.java
new file mode 100644
index 000..4bf751e
--- /dev/null
+++ b/core/src/main/java/org/apache/cxf/annotations/Provider.java
@@ -0,0 +1,34 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.annotations;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Provider {
+enum Type { InInterceptor, OutInterceptor, InFaultInterceptor, 
OutFaultInterceptor, Feature }
+enum Scope { Server, Client, All }
+
+Type value();
+Scope scope() default Scope.All; 
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/72547f02/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/pom.xml
--
diff --git 
a/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/pom.xml 
b/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/pom.xml
index 00a4aa9..4bb4896 100644
--- a/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/pom.xml
+++ b/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/pom.xml
@@ -46,18 +46,27 @@
 cxf-rt-transports-http
 ${cxf.version}
 
-
+
 org.apache.cxf
 cxf-rt-rs-service-description
 ${cxf.version}
 
-
+
+io.swagger
+swagger-jaxrs
+1.5.4
+
+
+javax.ws.rs
+jsr311-api
+
+
+
 
 org.springframework.boot
 spring-boot-starter-web
 1.2.3.RELEASE
 
-
 
 
   
@@ -65,9 +74,11 @@
org.springframework.boot
spring-boot-maven-plugin

-   sample.rs.service.SampleRestApplication


sample.rs.service.SampleScanRestApplication
+
  

http://git-wip-us.apache.org/repos/asf/cxf/blob/72547f02/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/src/main/java/sample/rs/service/HelloService.java
--
diff --git 
a/distribution/src/main/release/samples/jax_rs/jaxrs_spring_boot/src/main/java/sample/rs/service/HelloService.java

[2/2] cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

2016-02-16 Thread coheigea

Add the ability to sign/encrypt UserInfoService responses using asymmetric keys


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0130a152
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0130a152
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0130a152

Branch: refs/heads/3.0.x-fixes
Commit: 0130a15283423feccda7f32cd5b8c57ffb728f4c
Parents: ad191a9
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 17:06:39 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 17:10:28 2016 +

--
 .../provider/AbstractOAuthServerJoseJwtProducer.java  | 14 +++---
 .../cxf/rs/security/oidc/idp/UserInfoService.java |  8 ++--
 2 files changed, 17 insertions(+), 5 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/0130a152/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthServerJoseJwtProducer.java
--
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthServerJoseJwtProducer.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthServerJoseJwtProducer.java
index 31d8506..f1dafaa 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthServerJoseJwtProducer.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthServerJoseJwtProducer.java
@@ -25,6 +25,7 @@ import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
 import org.apache.cxf.rs.security.jose.jwe.JweUtils;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
@@ -35,12 +36,12 @@ public abstract class AbstractOAuthServerJoseJwtProducer 
extends AbstractOAuthJo
 protected String processJwt(JwtToken jwt, Client client) {
 return processJwt(jwt, 
  getInitializedEncryptionProvider(client),
- 
getInitializedSignatureProvider(client.getClientSecret()));
+ getInitializedSignatureProvider(client));
 }
 
 protected JweEncryptionProvider getInitializedEncryptionProvider(Client c) 
{
 JweEncryptionProvider theEncryptionProvider = null;
-if (encryptWithClientCertificates) {
+if (encryptWithClientCertificates && c != null && 
!c.getApplicationCertificates().isEmpty()) {
 X509Certificate cert = 
 
(X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
 theEncryptionProvider = 
JweUtils.createJweEncryptionProvider((RSAPublicKey)cert.getPublicKey(), 
@@ -48,12 +49,19 @@ public abstract class AbstractOAuthServerJoseJwtProducer 
extends AbstractOAuthJo
  
ContentAlgorithm.A128GCM, 
  null);
 }
-if (theEncryptionProvider == null) {
+if (theEncryptionProvider == null && c != null && c.getClientSecret() 
!= null) {
 theEncryptionProvider = 
super.getInitializedEncryptionProvider(c.getClientSecret());
 }
 return theEncryptionProvider;
 
 }
+
+protected JwsSignatureProvider getInitializedSignatureProvider(Client c) {
+if (c == null) {
+return null;
+}
+return super.getInitializedSignatureProvider(c.getClientSecret());
+}
 
 public void setEncryptWithClientCertificates(boolean 
encryptWithClientCertificates) {
 if (isEncryptWithClientSecret()) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/0130a152/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
--
diff --git 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
index 1f5d99d..22b058a 100644
--- 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
+++ 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
@@ -28,6 +28,7 @@ import javax.ws.rs.core.Response;
 
 import

[1/2] cxf git commit: Recording .gitmergeinfo Changes

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes ad191a905 -> 8ff028049


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8ff02804
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8ff02804
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8ff02804

Branch: refs/heads/3.0.x-fixes
Commit: 8ff0280497e478353be3488abe932e96dbc9b35e
Parents: 0130a15
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 17:10:28 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 17:10:28 2016 +

--
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/8ff02804/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index c2fc09d..2bdb7f3 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -1041,6 +1041,7 @@ M d2b5baa69415ea41f5865a8961c813feead3b22a
 M d2d8f6d6e2773025e0dd1c51c6b5e5d2e721def8
 M d2dec5b87788b8cb5059d3719cf3dfd7135a1280
 M d356ec692ca58de0b6dd4922d7067cb3d69918a8
+M d3e47e3306696eaab28a00aaf879f10f57b3c792
 M d4841e0b7167685d50416317c19675fa386a53e9
 M d4a35c40d53fde17fec3d08c25215c7533dcb667
 M d5315e072b8dd5222ede6f8e47c1e3e645209f59

cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 609fcadef -> d3e47e330


Add the ability to sign/encrypt UserInfoService responses using asymmetric keys


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d3e47e33
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d3e47e33
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d3e47e33

Branch: refs/heads/3.1.x-fixes
Commit: d3e47e3306696eaab28a00aaf879f10f57b3c792
Parents: 609fcad
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 17:06:39 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 17:09:09 2016 +

--
 .../oauth2/provider/OAuthServerJoseJwtProducer.java   | 14 +++---
 .../cxf/rs/security/oidc/idp/UserInfoService.java |  8 ++--
 2 files changed, 17 insertions(+), 5 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d3e47e33/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
--
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
index 24e6a16..35a323f 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
@@ -25,6 +25,7 @@ import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
 import org.apache.cxf.rs.security.jose.jwe.JweUtils;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
@@ -35,12 +36,12 @@ public class OAuthServerJoseJwtProducer extends 
OAuthJoseJwtProducer {
 public String processJwt(JwtToken jwt, Client client) {
 return processJwt(jwt, 
  getInitializedEncryptionProvider(client),
- 
getInitializedSignatureProvider(client.getClientSecret()));
+ getInitializedSignatureProvider(client));
 }
 
 protected JweEncryptionProvider getInitializedEncryptionProvider(Client c) 
{
 JweEncryptionProvider theEncryptionProvider = null;
-if (encryptWithClientCertificates) {
+if (encryptWithClientCertificates && c != null && 
!c.getApplicationCertificates().isEmpty()) {
 X509Certificate cert = 
 
(X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
 theEncryptionProvider = 
JweUtils.createJweEncryptionProvider((RSAPublicKey)cert.getPublicKey(), 
@@ -48,12 +49,19 @@ public class OAuthServerJoseJwtProducer extends 
OAuthJoseJwtProducer {
  
ContentAlgorithm.A128GCM, 
  null);
 }
-if (theEncryptionProvider == null) {
+if (theEncryptionProvider == null && c != null && c.getClientSecret() 
!= null) {
 theEncryptionProvider = 
super.getInitializedEncryptionProvider(c.getClientSecret());
 }
 return theEncryptionProvider;
 
 }
+
+protected JwsSignatureProvider getInitializedSignatureProvider(Client c) {
+if (c == null) {
+return null;
+}
+return super.getInitializedSignatureProvider(c.getClientSecret());
+}
 
 public void setEncryptWithClientCertificates(boolean 
encryptWithClientCertificates) {
 if (isEncryptWithClientSecret()) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/d3e47e33/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
--
diff --git 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
index 9955bf9..5edf228 100644
--- 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
+++ 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
@@ -26,6 +26,7 @@ import javax.ws.rs.core.Response;
 
 import

cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/master 4946ee58a -> 087ae7575


Add the ability to sign/encrypt UserInfoService responses using asymmetric keys


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/087ae757
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/087ae757
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/087ae757

Branch: refs/heads/master
Commit: 087ae75756e9bbd6984cd3bd1a7d609ae8bd659f
Parents: 4946ee5
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 17:06:39 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 17:07:58 2016 +

--
 .../oauth2/provider/OAuthServerJoseJwtProducer.java   | 14 +++---
 .../cxf/rs/security/oidc/idp/UserInfoService.java |  8 ++--
 2 files changed, 17 insertions(+), 5 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/087ae757/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
--
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
index 24e6a16..35a323f 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServerJoseJwtProducer.java
@@ -25,6 +25,7 @@ import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
 import org.apache.cxf.rs.security.jose.jwe.JweUtils;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
@@ -35,12 +36,12 @@ public class OAuthServerJoseJwtProducer extends 
OAuthJoseJwtProducer {
 public String processJwt(JwtToken jwt, Client client) {
 return processJwt(jwt, 
  getInitializedEncryptionProvider(client),
- 
getInitializedSignatureProvider(client.getClientSecret()));
+ getInitializedSignatureProvider(client));
 }
 
 protected JweEncryptionProvider getInitializedEncryptionProvider(Client c) 
{
 JweEncryptionProvider theEncryptionProvider = null;
-if (encryptWithClientCertificates) {
+if (encryptWithClientCertificates && c != null && 
!c.getApplicationCertificates().isEmpty()) {
 X509Certificate cert = 
 
(X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0));
 theEncryptionProvider = 
JweUtils.createJweEncryptionProvider((RSAPublicKey)cert.getPublicKey(), 
@@ -48,12 +49,19 @@ public class OAuthServerJoseJwtProducer extends 
OAuthJoseJwtProducer {
  
ContentAlgorithm.A128GCM, 
  null);
 }
-if (theEncryptionProvider == null) {
+if (theEncryptionProvider == null && c != null && c.getClientSecret() 
!= null) {
 theEncryptionProvider = 
super.getInitializedEncryptionProvider(c.getClientSecret());
 }
 return theEncryptionProvider;
 
 }
+
+protected JwsSignatureProvider getInitializedSignatureProvider(Client c) {
+if (c == null) {
+return null;
+}
+return super.getInitializedSignatureProvider(c.getClientSecret());
+}
 
 public void setEncryptWithClientCertificates(boolean 
encryptWithClientCertificates) {
 if (isEncryptWithClientSecret()) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/087ae757/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
--
diff --git 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
index 9955bf9..5edf228 100644
--- 
a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
+++ 
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
@@ -26,6 +26,7 @@ import javax.ws.rs.core.Response;
 
 import

[3/3] cxf git commit: Adding a custom WSS4JSecurityContextCreator for an STS system test

2016-02-16 Thread coheigea

Adding a custom WSS4JSecurityContextCreator for an STS system test


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/609fcade
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/609fcade
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/609fcade

Branch: refs/heads/3.1.x-fixes
Commit: 609fcadef1b418c05f3cf9d29dac87f458281156
Parents: 47839c6
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 13:48:18 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 13:54:53 2016 +

--
 ...tUsernameTokenAuthenticatingInterceptor.java |  15 +++
 .../DefaultWSS4JSecurityContextCreator.java |  13 --
 .../ws/security/wss4j/WSS4JInInterceptor.java   |  11 ++
 .../x509/CustomWSS4JSecurityContextCreator.java | 118 +++
 .../systest/sts/x509/cxf-asymmetric-service.xml |   4 +
 5 files changed, 148 insertions(+), 13 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/609fcade/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
index 3b3fa01..0d8d415 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
@@ -20,6 +20,8 @@ package org.apache.cxf.ws.security.wss4j;
 
 import java.security.Principal;
 import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.Map;
 import java.util.logging.Logger;
 
@@ -34,6 +36,7 @@ import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.security.SecurityToken;
 import org.apache.cxf.common.security.UsernameToken;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.security.DefaultSecurityContext;
 import org.apache.cxf.message.Message;
@@ -43,6 +46,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.validate.UsernameTokenValidator;
 import org.apache.wss4j.dom.validate.Validator;
@@ -115,6 +119,17 @@ public abstract class 
AbstractUsernameTokenAuthenticatingInterceptor extends WSS
  WSHandlerResult wsResult, 
  boolean utWithCallbacks
 ) throws SOAPException, XMLStreamException, WSSecurityException {
+/*
+ * All ok up to this point. Now construct and setup the security result
+ * structure. The service may fetch this and check it.
+ */
+List results = 
CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS));
+if (results == null) {
+results = new LinkedList<>();
+msg.put(WSHandlerConstants.RECV_RESULTS, results);
+}
+results.add(0, wsResult);
+
 new UsernameTokenSecurityContextCreator().createSecurityContext(msg, 
wsResult);
 }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/609fcade/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
index 8069a95..5a832ef 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
@@ -22,7 +22,6 @@ import java.security.Principal;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -31,7 +30,6 @@ import javax.security.auth.Subject;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.helpers.CastUtils;
 import

[1/3] cxf git commit: Refactor how WSS4J creates the CXF SecurityContext to make it pluggable

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/master 7d1890510 -> d68286f71


Refactor how WSS4J creates the CXF SecurityContext to make it pluggable


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a9db299a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a9db299a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a9db299a

Branch: refs/heads/master
Commit: a9db299a4715fd054adceca1abddf5fbf08a5b20
Parents: 7d18905
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 11:50:16 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 11:58:32 2016 +

--
 .../cxf/ws/security/SecurityConstants.java  |  10 +-
 ...tUsernameTokenAuthenticatingInterceptor.java |  31 ++-
 .../DefaultWSS4JSecurityContextCreator.java | 205 +++
 .../ws/security/wss4j/WSS4JInInterceptor.java   | 160 +--
 .../wss4j/WSS4JSecurityContextCreator.java  |  34 +++
 5 files changed, 281 insertions(+), 159 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/a9db299a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
index f9ebaba..f431a14 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
@@ -276,6 +276,14 @@ public final class SecurityConstants extends 
org.apache.cxf.rt.security.Security
  */
 public static final String DELEGATED_CREDENTIAL = 
"ws-security.delegated.credential";
 
+/**
+ * A WSS4JSecurityContextCreator implementation that is used to create a 
CXF SecurityContext
+ * from the set of WSS4J processing results. The default implementation is 
the
+ * DefaultWSS4JSecurityContextCreator. This configuration tag allows the 
user to plug in
+ * a custom way of setting up the CXF SecurityContext.
+ */
+public static final String SECURITY_CONTEXT_CREATOR = 
"ws-security.security.context.creator";
+
 //
 // Validator implementations for validating received security tokens
 //
@@ -397,7 +405,7 @@ public final class SecurityConstants extends 
org.apache.cxf.rt.security.Security
 CACHE_IDENTIFIER, DELEGATED_CREDENTIAL, 
KERBEROS_USE_CREDENTIAL_DELEGATION, 
 KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM, 
KERBEROS_REQUEST_CREDENTIAL_DELEGATION, 
 POLICY_VALIDATOR_MAP, STORE_BYTES_IN_ATTACHMENT, 
USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM,
-SYMMETRIC_SIGNATURE_ALGORITHM
+SYMMETRIC_SIGNATURE_ALGORITHM, SECURITY_CONTEXT_CREATOR
 }));
 for (String commonProperty : COMMON_PROPERTIES) {
 s.add(commonProperty);

http://git-wip-us.apache.org/repos/asf/cxf/blob/a9db299a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
index 5bec27f..3b3fa01 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
@@ -25,6 +25,10 @@ import java.util.logging.Logger;
 
 import javax.security.auth.Subject;
 import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPException;
+import javax.xml.stream.XMLStreamException;
+
+import org.w3c.dom.Element;
 
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.logging.LogUtils;
@@ -39,6 +43,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.validate.UsernameTokenValidator;
 import org.apache.wss4j.dom.validate.Validator;
 
@@ -102,12 +107,15 @@ public abstract class 
AbstractUsernameTokenAuthenticatingInterceptor extends WSS
 }
 
 @Override
-protected SecurityContext createSecurityContext(final Principal p) {
-Message msg = PhaseInterceptorChain.getCurrentMessage();
-if (msg == null) {
-throw new

cxf git commit: Recording .gitmergeinfo Changes

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 694b2e6f5 -> ad191a905


Recording .gitmergeinfo Changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ad191a90
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ad191a90
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ad191a90

Branch: refs/heads/3.0.x-fixes
Commit: ad191a90583a094ff0ae37f3999a5d7cc1c524d5
Parents: 694b2e6
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 13:55:12 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 13:55:12 2016 +

--
 .gitmergeinfo | 3 +++
 1 file changed, 3 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/ad191a90/.gitmergeinfo
--
diff --git a/.gitmergeinfo b/.gitmergeinfo
index f22fba7..c2fc09d 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -223,6 +223,7 @@ B 46f0d5fff8a4d846831b5e9d7ac0405fe06d2ccd
 B 4702274c7a8bad71ab512744ad39f5207bfe86cd
 B 470bdcb40597dce5e5cf957000ab60b0b4c1fce4
 B 4744117f9228e8f25cc2cba2255f6e6a516e2d2a
+B 47839c649a92a4e372eee313e5d53ec5c91df334
 B 478de215af2da2c03f439bbbd8341b234bb7bee8
 B 47b1a4ae21cfc70cea3b48ebd2be72fd184f1370
 B 4800bc8de7d7626fab25d8ab775e3da1ecec5007
@@ -297,6 +298,7 @@ B 5f94e273e7e8d99915eeda1189824f13488eb013
 B 5faf182264c64bd3c0abc0addc9746b64492c864
 B 5fbd407bac5af5e55bb280125405d75b7add872b
 B 5fc6229a6d289a6a4f23fac4f1d7750285c85d1a
+B 609fcadef1b418c05f3cf9d29dac87f458281156
 B 60f95e5c0d928fd0b518bac1b89e20b9a12e09b3
 B 610057e6f2bdc7491e2e2266ec7ac41513fcd5f0
 B 6168d90fab71f2a8811640bfbbf88bfd1eed1848
@@ -605,6 +607,7 @@ B c4c03e06de3ec8eb8b3e3b35a8c27d1615fd5931
 B c4c969042edcbcd439faa0fc95c1f5130cf06c71
 B c4ce1dd672146fa49f7d6b0aabc563843828fe93
 B c5609a479c87ea75e016b61daeafe0021f693332
+B c5ad99ec8045110063dbec77873782eb5451a6c4
 B c5c21d5b61fbd57e79f0bf39fa56ef9814c417fd
 B c5da4140da8fe63c4a10845b95258bbda9ab2058
 B c750e54452bfa4cb9b0db018dad135b298847095

[1/3] cxf git commit: Refactor how WSS4J creates the CXF SecurityContext to make it pluggable

2016-02-16 Thread coheigea

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes e32ce07bc -> 609fcadef


Refactor how WSS4J creates the CXF SecurityContext to make it pluggable


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c5ad99ec
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c5ad99ec
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c5ad99ec

Branch: refs/heads/3.1.x-fixes
Commit: c5ad99ec8045110063dbec77873782eb5451a6c4
Parents: e32ce07
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 11:50:16 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 13:54:51 2016 +

--
 .../cxf/ws/security/SecurityConstants.java  |  10 +-
 ...tUsernameTokenAuthenticatingInterceptor.java |  31 ++-
 .../DefaultWSS4JSecurityContextCreator.java | 205 +++
 .../ws/security/wss4j/WSS4JInInterceptor.java   | 160 +--
 .../wss4j/WSS4JSecurityContextCreator.java  |  34 +++
 5 files changed, 281 insertions(+), 159 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/c5ad99ec/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
index f9ebaba..f431a14 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
@@ -276,6 +276,14 @@ public final class SecurityConstants extends 
org.apache.cxf.rt.security.Security
  */
 public static final String DELEGATED_CREDENTIAL = 
"ws-security.delegated.credential";
 
+/**
+ * A WSS4JSecurityContextCreator implementation that is used to create a 
CXF SecurityContext
+ * from the set of WSS4J processing results. The default implementation is 
the
+ * DefaultWSS4JSecurityContextCreator. This configuration tag allows the 
user to plug in
+ * a custom way of setting up the CXF SecurityContext.
+ */
+public static final String SECURITY_CONTEXT_CREATOR = 
"ws-security.security.context.creator";
+
 //
 // Validator implementations for validating received security tokens
 //
@@ -397,7 +405,7 @@ public final class SecurityConstants extends 
org.apache.cxf.rt.security.Security
 CACHE_IDENTIFIER, DELEGATED_CREDENTIAL, 
KERBEROS_USE_CREDENTIAL_DELEGATION, 
 KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM, 
KERBEROS_REQUEST_CREDENTIAL_DELEGATION, 
 POLICY_VALIDATOR_MAP, STORE_BYTES_IN_ATTACHMENT, 
USE_ATTACHMENT_ENCRYPTION_CONTENT_ONLY_TRANSFORM,
-SYMMETRIC_SIGNATURE_ALGORITHM
+SYMMETRIC_SIGNATURE_ALGORITHM, SECURITY_CONTEXT_CREATOR
 }));
 for (String commonProperty : COMMON_PROPERTIES) {
 s.add(commonProperty);

http://git-wip-us.apache.org/repos/asf/cxf/blob/c5ad99ec/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
index 5bec27f..3b3fa01 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
@@ -25,6 +25,10 @@ import java.util.logging.Logger;
 
 import javax.security.auth.Subject;
 import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPException;
+import javax.xml.stream.XMLStreamException;
+
+import org.w3c.dom.Element;
 
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.logging.LogUtils;
@@ -39,6 +43,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.validate.UsernameTokenValidator;
 import org.apache.wss4j.dom.validate.Validator;
 
@@ -102,12 +107,15 @@ public abstract class 
AbstractUsernameTokenAuthenticatingInterceptor extends WSS
 }
 
 @Override
-protected SecurityContext createSecurityContext(final Principal p) {
-Message msg = PhaseInterceptorChain.getCurrentMessage();
-if (msg == null) {
-throw new

[3/3] cxf git commit: Adding a custom WSS4JSecurityContextCreator for an STS system test

2016-02-16 Thread coheigea

Adding a custom WSS4JSecurityContextCreator for an STS system test


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d68286f7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d68286f7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d68286f7

Branch: refs/heads/master
Commit: d68286f715ef4a545989a04d31313a64078cf0cb
Parents: 864d3f3
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 13:48:18 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 13:48:18 2016 +

--
 ...tUsernameTokenAuthenticatingInterceptor.java |  15 +++
 .../DefaultWSS4JSecurityContextCreator.java |  13 --
 .../ws/security/wss4j/WSS4JInInterceptor.java   |  11 ++
 .../x509/CustomWSS4JSecurityContextCreator.java | 118 +++
 .../systest/sts/x509/cxf-asymmetric-service.xml |   4 +
 5 files changed, 148 insertions(+), 13 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d68286f7/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
index 3b3fa01..0d8d415 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractUsernameTokenAuthenticatingInterceptor.java
@@ -20,6 +20,8 @@ package org.apache.cxf.ws.security.wss4j;
 
 import java.security.Principal;
 import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.Map;
 import java.util.logging.Logger;
 
@@ -34,6 +36,7 @@ import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.security.SecurityToken;
 import org.apache.cxf.common.security.UsernameToken;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.security.DefaultSecurityContext;
 import org.apache.cxf.message.Message;
@@ -43,6 +46,7 @@ import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngine;
 import org.apache.wss4j.dom.handler.RequestData;
+import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
 import org.apache.wss4j.dom.validate.UsernameTokenValidator;
 import org.apache.wss4j.dom.validate.Validator;
@@ -115,6 +119,17 @@ public abstract class 
AbstractUsernameTokenAuthenticatingInterceptor extends WSS
  WSHandlerResult wsResult, 
  boolean utWithCallbacks
 ) throws SOAPException, XMLStreamException, WSSecurityException {
+/*
+ * All ok up to this point. Now construct and setup the security result
+ * structure. The service may fetch this and check it.
+ */
+List results = 
CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS));
+if (results == null) {
+results = new LinkedList<>();
+msg.put(WSHandlerConstants.RECV_RESULTS, results);
+}
+results.add(0, wsResult);
+
 new UsernameTokenSecurityContextCreator().createSecurityContext(msg, 
wsResult);
 }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/d68286f7/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
index 8069a95..5a832ef 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
@@ -22,7 +22,6 @@ import java.security.Principal;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -31,7 +30,6 @@ import javax.security.auth.Subject;
 import javax.security.auth.kerberos.KerberosPrincipal;
 
 import org.apache.cxf.binding.soap.SoapMessage;
-import org.apache.cxf.helpers.CastUtils;
 import

[2/3] cxf git commit: Minor change

2016-02-16 Thread coheigea

Minor change


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/47839c64
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/47839c64
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/47839c64

Branch: refs/heads/3.1.x-fixes
Commit: 47839c649a92a4e372eee313e5d53ec5c91df334
Parents: c5ad99e
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 11:58:37 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 13:54:52 2016 +

--
 .../cxf/ws/security/wss4j/WSS4JInInterceptor.java   | 16 +++-
 1 file changed, 3 insertions(+), 13 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/47839c64/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 020b4ca..d996711 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -294,13 +294,13 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
 doResults(msg, actor, 
   SAAJUtils.getHeader(doc),
   SAAJUtils.getBody(doc),
-  wsResult);
+  wsResult, utWithCallbacks);
 } else {
 checkActions(msg, reqData, wsResult.getResults(), actions, 
SAAJUtils.getBody(doc));
 doResults(msg, actor,
   SAAJUtils.getHeader(doc),
   SAAJUtils.getBody(doc),
-  wsResult);
+  wsResult, utWithCallbacks);
 }
 }
 advanceBody(msg, SAAJUtils.getBody(doc));
@@ -469,17 +469,7 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
 String actor, 
 Element soapHeader,
 Element soapBody,
-WSHandlerResult wsResult
-) throws SOAPException, XMLStreamException, WSSecurityException {
-doResults(msg, actor, soapHeader, soapBody, wsResult, false);
-}
-
-protected void doResults(
-SoapMessage msg, 
-String actor,
-Element soapHeader,
-Element soapBody,
-WSHandlerResult wsResult, 
+WSHandlerResult wsResult,
 boolean utWithCallbacks
 ) throws SOAPException, XMLStreamException, WSSecurityException {

[2/3] cxf git commit: Minor change

2016-02-16 Thread coheigea

Minor change


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/864d3f30
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/864d3f30
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/864d3f30

Branch: refs/heads/master
Commit: 864d3f3070eeea5d717caef381cd91f310195b30
Parents: a9db299
Author: Colm O hEigeartaigh 
Authored: Tue Feb 16 11:58:37 2016 +
Committer: Colm O hEigeartaigh 
Committed: Tue Feb 16 11:58:37 2016 +

--
 .../cxf/ws/security/wss4j/WSS4JInInterceptor.java   | 16 +++-
 1 file changed, 3 insertions(+), 13 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/864d3f30/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index 020b4ca..d996711 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -294,13 +294,13 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
 doResults(msg, actor, 
   SAAJUtils.getHeader(doc),
   SAAJUtils.getBody(doc),
-  wsResult);
+  wsResult, utWithCallbacks);
 } else {
 checkActions(msg, reqData, wsResult.getResults(), actions, 
SAAJUtils.getBody(doc));
 doResults(msg, actor,
   SAAJUtils.getHeader(doc),
   SAAJUtils.getBody(doc),
-  wsResult);
+  wsResult, utWithCallbacks);
 }
 }
 advanceBody(msg, SAAJUtils.getBody(doc));
@@ -469,17 +469,7 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
 String actor, 
 Element soapHeader,
 Element soapBody,
-WSHandlerResult wsResult
-) throws SOAPException, XMLStreamException, WSSecurityException {
-doResults(msg, actor, soapHeader, soapBody, wsResult, false);
-}
-
-protected void doResults(
-SoapMessage msg, 
-String actor,
-Element soapHeader,
-Element soapBody,
-WSHandlerResult wsResult, 
+WSHandlerResult wsResult,
 boolean utWithCallbacks
 ) throws SOAPException, XMLStreamException, WSSecurityException {

cxf git commit: [CXF-6768]InternalContextUtils should bak all the data from the input stream before send back partialResponse

cxf git commit: [CXF-6768]InternalContextUtils should bak all the data from the input stream before send back partialResponse

Nexus: Promotion Completed

cxf git commit: [CXF-5439, CXF-6779] Adding a CXF Provider annotation, marking Swagger2Feature, updating Spring Boot demo

[2/2] cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

[1/2] cxf git commit: Recording .gitmergeinfo Changes

cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

cxf git commit: Add the ability to sign/encrypt UserInfoService responses using asymmetric keys

[3/3] cxf git commit: Adding a custom WSS4JSecurityContextCreator for an STS system test

[1/3] cxf git commit: Refactor how WSS4J creates the CXF SecurityContext to make it pluggable

cxf git commit: Recording .gitmergeinfo Changes

[1/3] cxf git commit: Refactor how WSS4J creates the CXF SecurityContext to make it pluggable

[3/3] cxf git commit: Adding a custom WSS4JSecurityContextCreator for an STS system test

[2/3] cxf git commit: Minor change

[2/3] cxf git commit: Minor change

15 matches

Site Navigation

Mail list logo

Footer information