[2/3] cxf git commit: CXF-7314 - Custom BinarySecurityTokens are not used to set up the security context

2017-04-04 Thread coheigea 
CXF-7314 - Custom BinarySecurityTokens are not used to set up the security 
context

# Conflicts:
#   
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c799670d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c799670d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c799670d

Branch: refs/heads/3.1.x-fixes
Commit: c799670d4bca30c7a1b316b378c8bfce90a7eeb7
Parents: e2fd915
Author: Colm O hEigeartaigh 
Authored: Tue Apr 4 11:24:57 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Apr 4 12:05:45 2017 +0100

--
 .../DefaultWSS4JSecurityContextCreator.java | 29 +++-
 1 file changed, 28 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/c799670d/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
index 7855d0e..2cbebd7 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
@@ -40,10 +40,11 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.token.PKIPathSecurity;
+import org.apache.wss4j.common.token.X509Security;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
 
 /**
  * The default implementation to create a SecurityContext from a set of WSS4J 
processing results.
@@ -93,6 +94,7 @@ public class DefaultWSS4JSecurityContextCreator implements 
WSS4JSecurityContextC
 List foundResults = 
actionResults.get(resultPriority);
 if (foundResults != null && !foundResults.isEmpty()) {
 for (WSSecurityEngineResult result : foundResults) {
+<<< HEAD
 final Object binarySecurity = 
result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
 PublicKey publickey = 
 
(PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
@@ -107,12 +109,37 @@ public class DefaultWSS4JSecurityContextCreator 
implements WSS4JSecurityContextC
 if (context != null) {
 msg.put(SecurityContext.class, context);
 return;
+===
+
+if (!skipResult(resultPriority, result)) {
+SecurityContext context = createSecurityContext(msg, 
useJAASSubject, result);
+if (context != null) {
+msg.put(SecurityContext.class, context);
+return;
+}
+>>> d1b8ff6... CXF-7314 - Custom BinarySecurityTokens are not used to set 
up the security context
 }
 }
 }
 }
 }
+<<< HEAD
 
+===
+
+private boolean skipResult(Integer resultPriority, WSSecurityEngineResult 
result) {
+Object binarySecurity = 
result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
+PublicKey publickey =
+(PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
+X509Certificate cert =
+
(X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+
+return resultPriority == WSConstants.BST
+&& (binarySecurity instanceof X509Security || binarySecurity 
instanceof PKIPathSecurity)
+|| resultPriority == WSConstants.SIGN && publickey == null && cert 
== null;
+}
+
+>>> d1b8ff6... CXF-7314 - Custom BinarySecurityTokens are not used to set 
up the security context
 protected SecurityContext createSecurityContext(
 SoapMessage msg, boolean useJAASSubject, WSSecurityEngineResult 
wsResult
 ) {

cxf git commit: CXF-7314 - Custom BinarySecurityTokens are not used to set up the security context

2017-04-04 Thread coheigea 
Repository: cxf
Updated Branches:
  refs/heads/master b77e43f19 -> d1b8ff637


CXF-7314 - Custom BinarySecurityTokens are not used to set up the security 
context


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d1b8ff63
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d1b8ff63
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d1b8ff63

Branch: refs/heads/master
Commit: d1b8ff6374a0729752948213b7a0cdb7427085d1
Parents: b77e43f
Author: Colm O hEigeartaigh 
Authored: Tue Apr 4 11:24:57 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Tue Apr 4 11:24:57 2017 +0100

--
 .../DefaultWSS4JSecurityContextCreator.java | 36 
 1 file changed, 21 insertions(+), 15 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/d1b8ff63/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
--
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
index 77708f5..a6fa8ef 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultWSS4JSecurityContextCreator.java
@@ -40,10 +40,11 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
+import org.apache.wss4j.common.token.PKIPathSecurity;
+import org.apache.wss4j.common.token.X509Security;
 import org.apache.wss4j.dom.WSConstants;
 import org.apache.wss4j.dom.engine.WSSecurityEngineResult;
 import org.apache.wss4j.dom.handler.WSHandlerResult;
-import org.apache.wss4j.dom.message.token.KerberosSecurity;
 
 /**
  * The default implementation to create a SecurityContext from a set of WSS4J 
processing results.
@@ -94,26 +95,31 @@ public class DefaultWSS4JSecurityContextCreator implements 
WSS4JSecurityContextC
 List foundResults = 
actionResults.get(resultPriority);
 if (foundResults != null && !foundResults.isEmpty()) {
 for (WSSecurityEngineResult result : foundResults) {
-final Object binarySecurity = 
result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
-PublicKey publickey =
-
(PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
-X509Certificate cert =
-
(X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
-
-if ((resultPriority == WSConstants.BST && !(binarySecurity 
instanceof KerberosSecurity))
-|| (resultPriority == WSConstants.SIGN && publickey == 
null && cert == null)) {
-continue;
-}
-SecurityContext context = createSecurityContext(msg, 
useJAASSubject, result);
-if (context != null) {
-msg.put(SecurityContext.class, context);
-return;
+
+if (!skipResult(resultPriority, result)) {
+SecurityContext context = createSecurityContext(msg, 
useJAASSubject, result);
+if (context != null) {
+msg.put(SecurityContext.class, context);
+return;
+}
 }
 }
 }
 }
 }
 
+private boolean skipResult(Integer resultPriority, WSSecurityEngineResult 
result) {
+Object binarySecurity = 
result.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN);
+PublicKey publickey =
+(PublicKey)result.get(WSSecurityEngineResult.TAG_PUBLIC_KEY);
+X509Certificate cert =
+
(X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+
+return resultPriority == WSConstants.BST
+&& (binarySecurity instanceof X509Security || binarySecurity 
instanceof PKIPathSecurity)
+|| resultPriority == WSConstants.SIGN && publickey == null && cert 
== null;
+}
+
 protected SecurityContext createSecurityContext(
 SoapMessage msg, boolean useJAASSubject, WSSecurityEngineResult 
wsResult
 ) {