Repository: cxf Updated Branches: refs/heads/master ce2c3121e -> 9c6a35df3
[CXF-6584] - EncryptSignature is ignored Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9c6a35df Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9c6a35df Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9c6a35df Branch: refs/heads/master Commit: 9c6a35df3241f9cb3046af9c941fc86116efb541 Parents: ce2c312 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Sep 9 11:57:55 2015 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Sep 9 11:57:55 2015 +0100 ---------------------------------------------------------------------- .../policyhandlers/AbstractBindingBuilder.java | 27 +++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/9c6a35df/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index e3e011e..6cff697 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -1867,9 +1867,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle try { if (supportingToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) { doSymmSignatureDerived(supportingToken.getToken(), token, sigParts, - isTokenProtection); + isTokenProtection, isSigProtect); } else { - doSymmSignature(supportingToken.getToken(), token, sigParts, isTokenProtection); + doSymmSignature(supportingToken.getToken(), token, sigParts, + isTokenProtection, isSigProtect); } } catch (Exception e) { LOG.log(Level.FINE, e.getMessage(), e); @@ -1894,9 +1895,10 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle if (supportingToken.getToken().getDerivedKeys() == DerivedKeys.RequireDerivedKeys) { doSymmSignatureDerived(supportingToken.getToken(), secToken, sigParts, - isTokenProtection); + isTokenProtection, isSigProtect); } else { - doSymmSignature(supportingToken.getToken(), secToken, sigParts, isTokenProtection); + doSymmSignature(supportingToken.getToken(), secToken, sigParts, + isTokenProtection, isSigProtect); } } catch (Exception e) { LOG.log(Level.FINE, e.getMessage(), e); @@ -1907,7 +1909,8 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle } private void doSymmSignatureDerived(AbstractToken policyToken, SecurityToken tok, - List<WSEncryptionPart> sigParts, boolean isTokenProtection) + List<WSEncryptionPart> sigParts, boolean isTokenProtection, + boolean isSigProtect) throws WSSecurityException { Document doc = saaj.getSOAPPart(); @@ -1983,11 +1986,17 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle //Do signature dkSign.computeSignature(referenceList, false, null); + if (isSigProtect) { + WSEncryptionPart part = new WSEncryptionPart(dkSign.getId(), "Element"); + encryptedTokensList.add(part); + } + addSig(dkSign.getSignatureValue()); } private void doSymmSignature(AbstractToken policyToken, SecurityToken tok, - List<WSEncryptionPart> sigParts, boolean isTokenProtection) + List<WSEncryptionPart> sigParts, boolean isTokenProtection, + boolean isSigProtect) throws WSSecurityException { Document doc = saaj.getSOAPPart(); @@ -2047,6 +2056,12 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle //Do signature sig.computeSignature(referenceList, false, null); + + if (isSigProtect) { + WSEncryptionPart part = new WSEncryptionPart(sig.getId(), "Element"); + encryptedTokensList.add(part); + } + addSig(sig.getSignatureValue()); }