Author: coheigea
Date: Thu Jul 9 11:44:51 2009
New Revision: 792511
URL: http://svn.apache.org/viewvc?rev=792511&view=rev
Log:
[WSS-198] - Backported fix for xpath expressions on Signature elements.
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/ReferenceListProcessor.java
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/SignatureProcessor.java
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecuritySignatureParts.java
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/ReferenceListProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/ReferenceListProcessor.java?rev=792511&r1=792510&r2=792511&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/ReferenceListProcessor.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/ReferenceListProcessor.java
Thu Jul 9 11:44:51 2009
@@ -387,46 +387,46 @@
* (eg.
"/soapenv:Envelope/soapenv:Body/ns:decryptedElement")
* if the decryptedNode is an Element or an Attr node and is not
detached
* from the document. <code>null</code> otherwise
- */
- private static String getXPath(Node decryptedNode) {
- if (decryptedNode == null) {
- return null;
- }
-
- String result = "";
- if (Node.ELEMENT_NODE == decryptedNode.getNodeType()) {
- result = decryptedNode.getNodeName();
- result = prependFullPath(result, decryptedNode.getParentNode());
- } else if (Node.ATTRIBUTE_NODE == decryptedNode.getNodeType()) {
- result = "@" + decryptedNode.getNodeName();
+ */
+ public static String getXPath(Node decryptedNode) {
+ if (decryptedNode == null) {
+ return null;
+ }
+
+ String result = "";
+ if (Node.ELEMENT_NODE == decryptedNode.getNodeType()) {
+ result = decryptedNode.getNodeName();
+ result = prependFullPath(result, decryptedNode.getParentNode());
+ } else if (Node.ATTRIBUTE_NODE == decryptedNode.getNodeType()) {
+ result = "@" + decryptedNode.getNodeName();
result = prependFullPath(result,
((Attr)decryptedNode).getOwnerElement());
- } else {
- return null;
- }
-
- return result;
- }
-
-
- /**
- * Recursively build an absolute xpath (starting with the root
"/")
- *
- * @param xpath the xpath expression built so far
- * @param node the current node whose name is to be prepended
- * @return a fully built xpath
- */
- private static String prependFullPath(String xpath, Node node) {
- if (node == null) {
- // probably a detached node... not really useful
- return null;
- } else if (Node.ELEMENT_NODE == node.getNodeType()) {
- xpath = node.getNodeName() + "/" + xpath;
- return prependFullPath(xpath, node.getParentNode());
- } else if (Node.DOCUMENT_NODE == node.getNodeType()) {
- return "/" + xpath;
- } else {
- return prependFullPath(xpath, node.getParentNode());
- }
- }
-
+ } else {
+ return null;
+ }
+
+ return result;
+ }
+
+
+ /**
+ * Recursively build an absolute xpath (starting with the root
"/")
+ *
+ * @param xpath the xpath expression built so far
+ * @param node the current node whose name is to be prepended
+ * @return a fully built xpath
+ */
+ private static String prependFullPath(String xpath, Node node) {
+ if (node == null) {
+ // probably a detached node... not really useful
+ return null;
+ } else if (Node.ELEMENT_NODE == node.getNodeType()) {
+ xpath = node.getNodeName() + "/" + xpath;
+ return prependFullPath(xpath, node.getParentNode());
+ } else if (Node.DOCUMENT_NODE == node.getNodeType()) {
+ return "/" + xpath;
+ } else {
+ return prependFullPath(xpath, node.getParentNode());
+ }
+ }
+
}
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/SignatureProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/SignatureProcessor.java?rev=792511&r1=792510&r2=792511&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/SignatureProcessor.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/processor/SignatureProcessor.java
Thu Jul 9 11:44:51 2009
@@ -470,6 +470,8 @@
WSDataRef ref = new WSDataRef(uri);
ref.setWsuId(uri);
ref.setName(new QName(se.getNamespaceURI(),
se.getLocalName()));
+ ref.setProtectedElement(se);
+ ref.setXpath(ReferenceListProcessor.getXPath(se));
protectedElements.add(ref);
returnElements.add(WSSecurityUtil.getIDFromReference(uri));
} else {
Modified:
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecuritySignatureParts.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecuritySignatureParts.java?rev=792511&r1=792510&r2=792511&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecuritySignatureParts.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecuritySignatureParts.java
Thu Jul 9 11:44:51 2009
@@ -28,10 +28,12 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.SOAPConstants;
+import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
@@ -146,7 +148,17 @@
LOG.debug(outputString);
}
- verify(signedDoc);
+ Vector results = verify(signedDoc);
+
+ WSSecurityEngineResult actionResult =
+ WSSecurityUtil.fetchActionResult(results, WSConstants.SIGN);
+ assertTrue(actionResult != null);
+ final java.util.List refs =
+ (java.util.List)
actionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+ assertTrue(actionResult != null && !actionResult.isEmpty());
+ WSDataRef wsDataRef = (WSDataRef)refs.get(0);
+ String xpath = wsDataRef.getXpath();
+ assertEquals("/soapenv:Envelope/soapenv:Header/foo:foobar", xpath);
}
/**
@@ -261,14 +273,15 @@
* @param doc
* @throws Exception Thrown when there is a problem in verification
*/
- private void verify(Document doc) throws Exception {
- secEngine.processSecurityHeader(doc, null, this, crypto);
+ private Vector verify(Document doc) throws Exception {
+ Vector results = secEngine.processSecurityHeader(doc, null, this,
crypto);
if (LOG.isDebugEnabled()) {
LOG.debug("Verfied and decrypted message:");
String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
LOG.debug(outputString);
}
+ return results;
}
public void handle(Callback[] callbacks)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
