Author: coheigea
Date: Thu Jun 25 11:21:21 2009
New Revision: 788327
URL: http://svn.apache.org/viewvc?rev=788327&view=rev
Log:
[WSS-131] - Added support for custom actions in WSSecurityUtil.decodeActions()
- A new version of this method takes in a WSSConfig instance, and it checks
the action List in this for the specified action
- It's up to e.g. CXF to support calling this method on the outbound side.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java?rev=788327&r1=788326&r2=788327&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/util/WSSecurityUtil.java
Thu Jun 25 11:21:21 2009
@@ -28,6 +28,7 @@
import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.xml.security.algorithms.JCEMapper;
import org.apache.xml.security.signature.XMLSignature;
@@ -860,6 +861,73 @@
}
return doAction;
}
+
+
+ /**
+ * Decode an action String. This method should only be called on the
outbound side.
+ * @param action The initial String of actions to perform
+ * @param actions The list of created actions that will be performed
+ * @param wssConfig This object holds the list of custom actions to be
performed.
+ * @return The or'd integer of all the actions (apart from the custom
actions)
+ * @throws WSSecurityException
+ */
+ public static int decodeAction(
+ String action,
+ List actions,
+ WSSConfig wssConfig
+ ) throws WSSecurityException {
+
+ int doAction = 0;
+ if (action == null) {
+ return doAction;
+ }
+ String single[] = StringUtil.split(action, ' ');
+ for (int i = 0; i < single.length; i++) {
+ if (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
+ doAction = WSConstants.NO_SECURITY;
+ return doAction;
+ } else if (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
+ doAction |= WSConstants.UT;
+ actions.add(new Integer(WSConstants.UT));
+ } else if (single[i].equals(WSHandlerConstants.SIGNATURE)) {
+ doAction |= WSConstants.SIGN;
+ actions.add(new Integer(WSConstants.SIGN));
+ } else if (single[i].equals(WSHandlerConstants.ENCRYPT)) {
+ doAction |= WSConstants.ENCR;
+ actions.add(new Integer(WSConstants.ENCR));
+ } else if
(single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
+ doAction |= WSConstants.ST_UNSIGNED;
+ actions.add(new Integer(WSConstants.ST_UNSIGNED));
+ } else if (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED))
{
+ doAction |= WSConstants.ST_SIGNED;
+ actions.add(new Integer(WSConstants.ST_SIGNED));
+ } else if (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
+ doAction |= WSConstants.TS;
+ actions.add(new Integer(WSConstants.TS));
+ } else if (single[i].equals(WSHandlerConstants.NO_SERIALIZATION)) {
+ doAction |= WSConstants.NO_SERIALIZE;
+ actions.add(new Integer(WSConstants.NO_SERIALIZE));
+ } else if (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
+ doAction |= WSConstants.UT_SIGN;
+ actions.add(new Integer(WSConstants.UT_SIGN));
+ } else {
+ try {
+ int parsedAction = Integer.parseInt(single[i]);
+ if (wssConfig.getAction(parsedAction) == null) {
+ throw new WSSecurityException(
+ "Unknown action defined: " + single[i]
+ );
+ }
+ actions.add(new Integer(parsedAction));
+ } catch (NumberFormatException ex) {
+ throw new WSSecurityException(
+ "Unknown action defined: " + single[i]
+ );
+ }
+ }
+ }
+ return doAction;
+ }
/**
* Returns the length of the key in # of bytes
Modified: webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java?rev=788327&r1=788326&r2=788327&view=diff
==============================================================================
--- webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java
(original)
+++ webservices/wss4j/trunk/test/wssec/TestWSSecurityUserProcessor.java Thu Jun
25 11:21:21 2009
@@ -27,13 +27,19 @@
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
+import java.util.List;
+import java.util.Vector;
+
/**
* WS-Security Test Case
@@ -110,7 +116,7 @@
);
final WSSecurityEngine engine = new WSSecurityEngine();
engine.setWssConfig(cfg);
- final java.util.List results =
+ final List results =
engine.processSecurityHeader(doc, null, null, crypto);
boolean found = false;
for (final java.util.Iterator pos = results.iterator();
pos.hasNext(); ) {
@@ -157,7 +163,7 @@
);
final WSSecurityEngine engine = new WSSecurityEngine();
engine.setWssConfig(cfg);
- final java.util.List results =
+ final List results =
engine.processSecurityHeader(doc, null, null, crypto);
boolean found = false;
for (final java.util.Iterator pos = results.iterator();
pos.hasNext(); ) {
@@ -184,9 +190,8 @@
cfg.setAction(action, "wssec.MyAction");
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
- reqData.setMsgContext(new java.util.TreeMap());
- final java.util.Vector actions = new java.util.Vector();
+ final List actions = new Vector();
actions.add(new Integer(action));
final Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
MyHandler handler = new MyHandler();
@@ -214,9 +219,8 @@
cfg.setAction(action, new wssec.MyAction());
final RequestData reqData = new RequestData();
reqData.setWssConfig(cfg);
- reqData.setMsgContext(new java.util.TreeMap());
- final java.util.Vector actions = new java.util.Vector();
+ final List actions = new Vector();
actions.add(new Integer(action));
final Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
MyHandler handler = new MyHandler();
@@ -231,5 +235,83 @@
);
assertEquals(reqData.getMsgContext(), "crumb");
}
+
+ /**
+ * Test to see that a custom action can be configured via
WSSecurityUtil.decodeAction.
+ * A standard Timestamp action is also configured.
+ */
+ public void
+ testDecodeCustomAction() throws Exception {
+
+ final WSSConfig cfg = WSSConfig.getNewInstance();
+ final int customAction = 0xDEADF000;
+
+ String actionString =
+ WSHandlerConstants.TIMESTAMP + " " + new
Integer(customAction).toString();
+ List actionList = new Vector();
+ //
+ // This parsing will fail as it doesn't know what the custom action is
+ //
+ try {
+ WSSecurityUtil.decodeAction(actionString, actionList);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing will fail as WSSConfig doesn't know what the custom
action is
+ //
+ try {
+ WSSecurityUtil.decodeAction(actionString, actionList, cfg);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing will fail as the action String is badly formed
+ //
+ try {
+ String badActionString =
+ WSHandlerConstants.TIMESTAMP + " " + "NewCustomAction";
+ WSSecurityUtil.decodeAction(badActionString, actionList, cfg);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing should pass as WSSConfig has been configured with the
custom action
+ //
+ cfg.setAction(customAction, "wssec.MyAction");
+ int actions = WSSecurityUtil.decodeAction(actionString, actionList,
cfg);
+
+ final RequestData reqData = new RequestData();
+ reqData.setWssConfig(cfg);
+
+ final Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+ MyHandler handler = new MyHandler();
+ reqData.setMsgContext("bread");
+ assertEquals(reqData.getMsgContext(), "bread");
+ handler.send(
+ actions,
+ doc,
+ reqData,
+ actionList,
+ true
+ );
+ assertEquals(reqData.getMsgContext(), "crumb");
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Message:");
+ String outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+ LOG.debug(outputString);
+ }
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
