Author: coheigea
Date: Fri Dec 19 08:40:14 2008
New Revision: 728062
URL: http://svn.apache.org/viewvc?rev=728062&view=rev
Log:
[WSS-62] - A fix for " the crypto file not being retrieved in the
doReceiverAction method for the Saml Signed Token"
- Added a test for this as well.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java
webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java?rev=728062&r1=728061&r2=728062&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
Fri Dec 19 08:40:14 2008
@@ -134,7 +134,7 @@
decodeSignatureParameter(reqData);
}
/*
- * If we need to handle signed SAML token then we need may of the
+ * If we need to handle signed SAML token then we may need the
* Signature parameters. The handle procedure loads the signature
crypto
* file on demand, thus don't do it here.
*/
@@ -256,7 +256,11 @@
if ((doAction & WSConstants.SIGN) == WSConstants.SIGN) {
decodeSignatureParameter2(reqData);
}
-
+
+ if ((doAction & WSConstants.ST_SIGNED) == WSConstants.ST_SIGNED) {
+ decodeSignatureParameter2(reqData);
+ }
+
if ((doAction & WSConstants.ENCR) == WSConstants.ENCR) {
decodeDecryptionParameter(reqData);
}
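Review bot: When `doAction` carries both `WSConstants.SIGN` and `WSConstants.ST_SIGNED`, the two adjacent checks call `decodeSignatureParameter2(reqData)` twice, so the signature crypto is presumably loaded twice for one message. Folding them into one condition avoids that without changing which actions trigger the load: `if ((doAction & WSConstants.SIGN) == WSConstants.SIGN || (doAction & WSConstants.ST_SIGNED) == WSConstants.ST_SIGNED) {`. A short comment such as `// a signed SAML token is verified with the signature crypto, so it must be loaded for ST_SIGNED as well` would record why the receiver path needs it. The enclosing method starts and ends outside the hunk.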
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java?rev=728062&r1=728061&r2=728062&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandlerConstants.java
Fri Dec 19 08:40:14 2008
@@ -338,7 +338,7 @@
public static final String ENC_KEY_NAME = "EmbeddedKeyName";
/**
- * The name of the crypto propterty file to use for SOAP Signature.
+ * The name of the crypto property file to use for SOAP Signature.
* <p/>
* The classloader loads this file. Therefore it must be accessible
* via the classpath.
Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java?rev=728062&r1=728061&r2=728062&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java (original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityNewST2.java Fri Dec 19
08:40:14 2008
@@ -34,10 +34,14 @@
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSPasswordCallback;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.saml.WSSecSignatureSAML;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
+import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandler;
+import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecHeader;
import org.w3c.dom.Document;
@@ -223,6 +227,66 @@
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();
verify(signedDoc);
}
+
+
+ /**
+ * A test for WSS-62: "the crypto file not being retrieved in the
doReceiverAction
+ * method for the Saml Signed Token"
+ *
+ * https://issues.apache.org/jira/browse/WSS-62
+ */
+ public void testWSS62() throws Exception {
+ SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
+ SAMLIssuer saml = SAMLIssuerFactory.getInstance("saml.properties");
+
+ SAMLAssertion assertion = saml.newAssertion();
+
+ String issuerKeyName = saml.getIssuerKeyName();
+ String issuerKeyPW = saml.getIssuerKeyPassword();
+ Crypto issuerCrypto = saml.getIssuerCrypto();
+ WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
+ wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
+
+ Document doc = unsignedEnvelope.getAsDocument();
+
+ WSSecHeader secHeader = new WSSecHeader();
+ secHeader.insertSecurityHeader(doc);
+
+ Document signedDoc =
+ wsSign.build(doc, null, assertion, issuerCrypto, issuerKeyName,
issuerKeyPW, secHeader);
+
+ //
+ // Now verify it but first call Handler#doReceiverAction
+ //
+ final WSSConfig cfg = WSSConfig.getNewInstance();
+ final RequestData reqData = new RequestData();
+ reqData.setWssConfig(cfg);
+ reqData.setMsgContext(new java.util.TreeMap());
+ java.util.Map msgContext = new java.util.HashMap();
+ msgContext.put(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
+ reqData.setMsgContext(msgContext);
+
+ MyHandler handler = new MyHandler();
+ handler.doit(WSConstants.ST_SIGNED, reqData);
+
+ secEngine.processSecurityHeader(
+ signedDoc, null, this, reqData.getSigCrypto(),
reqData.getDecCrypto()
+ );
+
+ //
+ // Negative test
+ //
+ msgContext.put(WSHandlerConstants.SIG_PROP_FILE,
"crypto.properties.na");
+ reqData.setMsgContext(msgContext);
+
+ handler = new MyHandler();
+ try {
+ handler.doit(WSConstants.ST_SIGNED, reqData);
+ fail("Failure expected on a bad crypto properties file");
+ } catch (RuntimeException ex) {
+ // expected
+ }
+ }
/**
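Review bot: The positive half of `testWSS62` never asserts that the handler loaded the signature crypto; it relies on `processSecurityHeader` failing when `reqData.getSigCrypto()` is null, which is not visible in this hunk. Adding `assertNotNull(reqData.getSigCrypto());` right after the first `handler.doit(WSConstants.ST_SIGNED, reqData);` would pin the WSS-62 fix directly (assuming the test class extends JUnit's `TestCase`, as the use of `fail` suggests). The negative half reuses the same `reqData` and catches any `RuntimeException`, so it would also pass on an unrelated failure such as a `ClassCastException`; a fresh `RequestData` and a check on the exception message or cause would make the fail-closed behaviour on a missing crypto properties file explicit. The `reqData.setMsgContext(new java.util.TreeMap());` call is overwritten a few lines later and can be dropped.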
@@ -256,4 +320,45 @@
}
}
}
+
+ /**
+ * a trivial extension of the WSHandler type
+ */
+ public static class MyHandler extends WSHandler {
+
+ public Object
+ getOption(String key) {
+ return null;
+ }
+
+ public void
+ setProperty(
+ Object msgContext,
+ String key,
+ Object value
+ ) {
+ }
+
+ public Object
+ getProperty(Object ctx, String key) {
+ java.util.Map ctxMap = (java.util.Map)ctx;
+ return ctxMap.get(key);
+ }
+
+ public void
+ setPassword(Object msgContext, String password) {
+ }
+
+ public String
+ getPassword(Object msgContext) {
+ return null;
+ }
+
+ void doit(
+ int action,
+ RequestData reqData
+ ) throws org.apache.ws.security.WSSecurityException {
+ doReceiverAction(action, reqData);
+ }
+ }
}
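Review bot: The Javadoc on `MyHandler` ("a trivial extension of the WSHandler type") leaves out the two things a reader of the test needs to know. `getOption` returns null for every key, so all configuration must come through the message context, and `getProperty` casts that context to `java.util.Map` without a check. I would say so in the class comment, for example `Test-only WSHandler: options are always null, properties are read from a java.util.Map message context, and doit() exposes doReceiverAction.` The name `doit` would read better as something like `receive`, since it only forwards to `doReceiverAction(action, reqData)`.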
Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java?rev=728062&r1=728061&r2=728062&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
(original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java Fri Dec
19 08:40:14 2008
@@ -31,15 +31,12 @@
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSConfig;
-import org.apache.ws.security.action.Action;
import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.components.crypto.CryptoBase;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.handler.WSHandler;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecHeader;
-import org.apache.ws.security.processor.Processor;
import org.w3c.dom.Document;
import java.io.ByteArrayInputStream;