Author: coheigea
Date: Thu Jun 25 11:34:47 2009
New Revision: 788329
URL: http://svn.apache.org/viewvc?rev=788329&view=rev
Log:
[WSS-131] - Backported.
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityUserProcessor.java
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java?rev=788329&r1=788328&r2=788329&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/util/WSSecurityUtil.java
Thu Jun 25 11:34:47 2009
@@ -26,6 +26,7 @@
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.WSSConfig;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
import org.apache.xml.security.algorithms.JCEMapper;
@@ -886,6 +887,73 @@
}
return doAction;
}
+
+
+ /**
+ * Decode an action String. This method should only be called on the
outbound side.
+ * @param action The initial String of actions to perform
+ * @param actions The vector of created actions that will be performed
+ * @param wssConfig This object holds the list of custom actions to be
performed.
+ * @return The or'd integer of all the actions (apart from the custom
actions)
+ * @throws WSSecurityException
+ */
+ public static int decodeAction(
+ String action,
+ Vector actions,
+ WSSConfig wssConfig
+ ) throws WSSecurityException {
+
+ int doAction = 0;
+ if (action == null) {
+ return doAction;
+ }
+ String single[] = StringUtil.split(action, ' ');
+ for (int i = 0; i < single.length; i++) {
+ if (single[i].equals(WSHandlerConstants.NO_SECURITY)) {
+ doAction = WSConstants.NO_SECURITY;
+ return doAction;
+ } else if (single[i].equals(WSHandlerConstants.USERNAME_TOKEN)) {
+ doAction |= WSConstants.UT;
+ actions.add(new Integer(WSConstants.UT));
+ } else if (single[i].equals(WSHandlerConstants.SIGNATURE)) {
+ doAction |= WSConstants.SIGN;
+ actions.add(new Integer(WSConstants.SIGN));
+ } else if (single[i].equals(WSHandlerConstants.ENCRYPT)) {
+ doAction |= WSConstants.ENCR;
+ actions.add(new Integer(WSConstants.ENCR));
+ } else if
(single[i].equals(WSHandlerConstants.SAML_TOKEN_UNSIGNED)) {
+ doAction |= WSConstants.ST_UNSIGNED;
+ actions.add(new Integer(WSConstants.ST_UNSIGNED));
+ } else if (single[i].equals(WSHandlerConstants.SAML_TOKEN_SIGNED))
{
+ doAction |= WSConstants.ST_SIGNED;
+ actions.add(new Integer(WSConstants.ST_SIGNED));
+ } else if (single[i].equals(WSHandlerConstants.TIMESTAMP)) {
+ doAction |= WSConstants.TS;
+ actions.add(new Integer(WSConstants.TS));
+ } else if (single[i].equals(WSHandlerConstants.NO_SERIALIZATION)) {
+ doAction |= WSConstants.NO_SERIALIZE;
+ actions.add(new Integer(WSConstants.NO_SERIALIZE));
+ } else if (single[i].equals(WSHandlerConstants.SIGN_WITH_UT_KEY)) {
+ doAction |= WSConstants.UT_SIGN;
+ actions.add(new Integer(WSConstants.UT_SIGN));
+ } else {
+ try {
+ int parsedAction = Integer.parseInt(single[i]);
+ if (wssConfig.getAction(parsedAction) == null) {
+ throw new WSSecurityException(
+ "Unknown action defined: " + single[i]
+ );
+ }
+ actions.add(new Integer(parsedAction));
+ } catch (NumberFormatException ex) {
+ throw new WSSecurityException(
+ "Unknown action defined: " + single[i]
+ );
+ }
+ }
+ }
+ return doAction;
+ }
/**
* Returns the length of the key in # of bytes
Modified:
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityUserProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityUserProcessor.java?rev=788329&r1=788328&r2=788329&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityUserProcessor.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityUserProcessor.java
Thu Jun 25 11:34:47 2009
@@ -30,16 +30,20 @@
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.handler.WSHandler;
import org.apache.ws.security.handler.RequestData;
+import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.ws.security.message.WSSecHeader;
+import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
+import java.util.Vector;
/**
@@ -265,6 +269,83 @@
}
/**
+ * Test to see that a custom action can be configured via
WSSecurityUtil.decodeAction.
+ * A standard Timestamp action is also configured.
+ */
+ public void
+ testDecodeCustomAction() throws Exception {
+
+ final WSSConfig cfg = WSSConfig.getNewInstance();
+ final int customAction = 0xDEADF000;
+
+ String actionString =
+ WSHandlerConstants.TIMESTAMP + " " + new
Integer(customAction).toString();
+ Vector actionList = new Vector();
+ //
+ // This parsing will fail as it doesn't know what the custom action is
+ //
+ try {
+ WSSecurityUtil.decodeAction(actionString, actionList);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing will fail as WSSConfig doesn't know what the custom
action is
+ //
+ try {
+ WSSecurityUtil.decodeAction(actionString, actionList, cfg);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing will fail as the action String is badly formed
+ //
+ try {
+ String badActionString =
+ WSHandlerConstants.TIMESTAMP + " " + "NewCustomAction";
+ WSSecurityUtil.decodeAction(badActionString, actionList, cfg);
+ fail("Failure expected on unknown action");
+ } catch (WSSecurityException ex) {
+ // expected
+ }
+ actionList.clear();
+
+ //
+ // This parsing should pass as WSSConfig has been configured with the
custom action
+ //
+ cfg.setAction(customAction, "wssec.MyAction");
+ int actions = WSSecurityUtil.decodeAction(actionString, actionList,
cfg);
+
+ final RequestData reqData = new RequestData();
+ reqData.setWssConfig(cfg);
+
+ final Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+ MyHandler handler = new MyHandler();
+ reqData.setMsgContext("bread");
+ assertEquals(reqData.getMsgContext(), "bread");
+ handler.doit(
+ actions,
+ doc,
+ reqData,
+ actionList
+ );
+ assertEquals(reqData.getMsgContext(), "crumb");
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Message:");
+ String outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
+ LOG.debug(outputString);
+ }
+ }
+
+ /**
* a trivial extension of the WSHandler type
*/
public static class MyHandler extends WSHandler {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
