[2/3] cxf git commit: CXF-7315 - Abstract the STS client token caching behaviour to allow the user to plug in a custom implementation
CXF-7315 - Abstract the STS client token caching behaviour to allow the user to plug in a custom implementation # Conflicts: # rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java # rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java # rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java # rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4b4bb843 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4b4bb843 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4b4bb843 Branch: refs/heads/3.1.x-fixes Commit: 4b4bb8431520ac3571cce86a6557eb2480743815 Parents: d3f9087 Author: Colm O hEigeartaigh Authored: Tue Apr 4 15:59:33 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Apr 4 16:50:16 2017 +0100 -- .../cxf/rt/security/SecurityConstants.java | 11 +- .../IssuedTokenInterceptorProvider.java | 15 +- .../interceptors/STSTokenOutInterceptor.java| 22 +- .../security/trust/DefaultSTSTokenCacher.java | 180 ++ .../cxf/ws/security/trust/STSTokenCacher.java | 59 + .../ws/security/trust/STSTokenRetriever.java| 240 +++ 6 files changed, 315 insertions(+), 212 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4bb843/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java -- diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java index aa0106d..61d3966 100644 --- a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java +++ b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java @@ -343,7 +343,14 @@ public class SecurityConstants { */ public static final String STS_TOKEN_IMMINENT_EXPIRY_VALUE = "security.sts.token.imminent-expiry-value"; - + +/** + * An implementation of the STSTokenCacher interface, if you want to plug in custom caching behaviour for + * STS clients. The default value is the DefaultSTSTokenCacher. + */ +public static final String STS_TOKEN_CACHER_IMPL = +"security.sts.token.cacher.impl"; + public static final Set COMMON_PROPERTIES; static { @@ -359,7 +366,7 @@ public class SecurityConstants { DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, STS_TOKEN_CRYPTO, STS_TOKEN_PROPERTIES, STS_TOKEN_USERNAME, STS_TOKEN_ACT_AS, STS_TOKEN_ON_BEHALF_OF, STS_CLIENT, STS_APPLIES_TO, CACHE_ISSUED_TOKEN_IN_ENDPOINT, PREFER_WSMEX_OVER_STS_CLIENT_CONFIG, -STS_TOKEN_IMMINENT_EXPIRY_VALUE +STS_TOKEN_IMMINENT_EXPIRY_VALUE, STS_TOKEN_CACHER_IMPL })); COMMON_PROPERTIES = Collections.unmodifiableSet(s); } http://git-wip-us.apache.org/repos/asf/cxf/blob/4b4bb843/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java index 141ec94..47615fc 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java @@ -32,12 +32,15 @@ import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Message; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; +import org.apache.cxf.rt.security.utils.SecurityUtils; import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider; import org.apache.cxf.ws.policy.AssertionInfo; import org.apache.cxf.ws.policy.AssertionInfoMap; import org.apache.cxf.ws.security.SecurityConstants; import org.apache.cxf.ws.security.policy.PolicyUtils; import org.apache.cxf.ws.security.tokenstore.SecurityToken; +import org.apache.cxf.ws.security.trust.DefaultSTSTokenCacher; +import org.apache.cxf.ws.security.trust.STSTokenCacher; import org.apache.cxf.ws.security.trust.STSTokenRetriever; import org.apache.cxf.ws.security.trust.STSTokenRetriever.TokenRequestParams; import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor; @@ -130,8 +133,16 @@ public class IssuedTokenInterceptor
cxf git commit: CXF-7315 - Abstract the STS client token caching behaviour to allow the user to plug in a custom implementation
Repository: cxf Updated Branches: refs/heads/master dd421381b -> 048b46de4 CXF-7315 - Abstract the STS client token caching behaviour to allow the user to plug in a custom implementation Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/048b46de Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/048b46de Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/048b46de Branch: refs/heads/master Commit: 048b46de4b2973bbccbaacf5effe34b06faf3e68 Parents: dd42138 Author: Colm O hEigeartaigh Authored: Tue Apr 4 15:59:33 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Apr 4 15:59:33 2017 +0100 -- .../cxf/rt/security/SecurityConstants.java | 9 +- .../IssuedTokenInterceptorProvider.java | 13 +- .../interceptors/STSTokenOutInterceptor.java| 13 +- .../security/trust/DefaultSTSTokenCacher.java | 180 ++ .../cxf/ws/security/trust/STSTokenCacher.java | 59 + .../ws/security/trust/STSTokenRetriever.java| 236 +++ 6 files changed, 302 insertions(+), 208 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/048b46de/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java -- diff --git a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java index 8405371..a3daaa8 100644 --- a/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java +++ b/rt/security/src/main/java/org/apache/cxf/rt/security/SecurityConstants.java @@ -344,6 +344,13 @@ public class SecurityConstants { public static final String STS_TOKEN_IMMINENT_EXPIRY_VALUE = "security.sts.token.imminent-expiry-value"; +/** + * An implementation of the STSTokenCacher interface, if you want to plug in custom caching behaviour for + * STS clients. The default value is the DefaultSTSTokenCacher. + */ +public static final String STS_TOKEN_CACHER_IMPL = +"security.sts.token.cacher.impl"; + public static final Set COMMON_PROPERTIES; static { @@ -359,7 +366,7 @@ public class SecurityConstants { DISABLE_STS_CLIENT_WSMEX_CALL_USING_EPR_ADDRESS, STS_TOKEN_CRYPTO, STS_TOKEN_PROPERTIES, STS_TOKEN_USERNAME, STS_TOKEN_ACT_AS, STS_TOKEN_ON_BEHALF_OF, STS_CLIENT, STS_APPLIES_TO, CACHE_ISSUED_TOKEN_IN_ENDPOINT, PREFER_WSMEX_OVER_STS_CLIENT_CONFIG, -STS_TOKEN_IMMINENT_EXPIRY_VALUE +STS_TOKEN_IMMINENT_EXPIRY_VALUE, STS_TOKEN_CACHER_IMPL })); COMMON_PROPERTIES = Collections.unmodifiableSet(s); } http://git-wip-us.apache.org/repos/asf/cxf/blob/048b46de/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java index a1c794e..b40e720 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java @@ -32,12 +32,15 @@ import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Message; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; +import org.apache.cxf.rt.security.utils.SecurityUtils; import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider; import org.apache.cxf.ws.policy.AssertionInfo; import org.apache.cxf.ws.policy.AssertionInfoMap; import org.apache.cxf.ws.security.SecurityConstants; import org.apache.cxf.ws.security.policy.PolicyUtils; import org.apache.cxf.ws.security.tokenstore.SecurityToken; +import org.apache.cxf.ws.security.trust.DefaultSTSTokenCacher; +import org.apache.cxf.ws.security.trust.STSTokenCacher; import org.apache.cxf.ws.security.trust.STSTokenRetriever; import org.apache.cxf.ws.security.trust.STSTokenRetriever.TokenRequestParams; import org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor; @@ -130,7 +133,15 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro params.setTrust13(NegotiationUtils.getTrust13(aim)); params.setTokenTemplate(itok.getRequestSecurityTokenTemplate()); -SecurityToken tok = STSTokenRetriever.getToken(message, params); +// Get a custom STSTokenCacher implementation if speci