Author: coheigea
Date: Wed Jan 20 11:46:02 2010
New Revision: 901147
URL: http://svn.apache.org/viewvc?rev=901147&view=rev
Log:
[WSS-224] - SAMLTokenSignedAction and WSSecSignatureSAML do not honor signature
algorithm or digest algorithm from WSSHandler configuration
- Patch applied, thanks.
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SAMLTokenSignedAction.java
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNewST3.java
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SAMLTokenSignedAction.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SAMLTokenSignedAction.java?rev=901147&r1=901146&r2=901147&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SAMLTokenSignedAction.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/action/SAMLTokenSignedAction.java
Wed Jan 20 11:46:02 2010
@@ -84,6 +84,12 @@
if (reqData.getSigKeyId() != 0) {
wsSign.setKeyIdentifierType(reqData.getSigKeyId());
}
+ if (reqData.getSigAlgorithm() != null) {
+ wsSign.setSignatureAlgorithm(reqData.getSigAlgorithm());
+ }
+ if (reqData.getSigDigestAlgorithm() != null) {
+ wsSign.setDigestAlgo(reqData.getSigDigestAlgorithm());
+ }
/*
* required to add support for the
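Review bot: Nothing in this commit exercises the two added `reqData.getSigAlgorithm()` / `reqData.getSigDigestAlgorithm()` branches: the test changed alongside calls `setDigestAlgo` and `setSignatureAlgorithm` on WSSecSignatureSAML directly, so the handler-configuration path named in WSS-224 stays uncovered. A test that drives the SAML signed action through the handler configuration and checks the emitted algorithm URIs would close that gap. The fallback also deserves a comment above the checks, `// No algorithm configured: keep WSSecSignatureSAML's built-in defaults`. The values are passed through as given, so an unsupported or unintended URI would presumably surface only when the signature is built. The enclosing method starts and ends outside the hunk.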
Modified:
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/saml/WSSecSignatureSAML.java?rev=901147&r1=901146&r2=901147&view=diff
==============================================================================
---
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
(original)
+++
webservices/wss4j/branches/1_5_x-fixes/src/org/apache/ws/security/saml/WSSecSignatureSAML.java
Wed Jan 20 11:46:02 2010
@@ -532,7 +532,7 @@
getInclusivePrefixes(toSignById)
).getElement());
}
- sig.addDocument("#" + idToSign, transforms);
+ sig.addDocument("#" + idToSign, transforms,
this.getDigestAlgo());
} else if (elemName.equals("Token")) {
transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
if (keyIdentifierType == WSConstants.BST_DIRECT_REFERENCE)
{
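Review bot: The argument `this.getDigestAlgo()` is now repeated at every `sig.addDocument` call (here and in the hunks at -543, -552 and -575), so a branch added later can quietly use the two-argument form again and sign that reference with the library's default digest instead of the configured one. Reading the value once before the branch chain, `String digestAlgo = this.getDigestAlgo();`, and passing the local at each call keeps all references on the same algorithm. Whether `getDigestAlgo()` can return null after `setDigestAlgo(null)` is not visible in these hunks; if it can, a guard or a documented default belongs next to that local. The enclosing method begins and ends outside the hunks.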
@@ -543,7 +543,7 @@
getInclusivePrefixes(secHeader.getSecurityHeader())
).getElement());
}
- sig.addDocument("#" + certUri, transforms);
+ sig.addDocument("#" + certUri, transforms,
this.getDigestAlgo());
} else {
if (wssConfig.isWsiBSPCompliant()) {
transforms.item(0).getElement().appendChild(
@@ -552,12 +552,12 @@
getInclusivePrefixes(keyInfo.getElement())
).getElement());
}
- sig.addDocument("#" + keyInfoUri, transforms);
+ sig.addDocument("#" + keyInfoUri, transforms,
this.getDigestAlgo());
}
} else if (elemName.equals("STRTransform")) { // STRTransform
Element ctx = createSTRParameter(document);
transforms.addTransform(STRTransform.implementedTransformURI, ctx);
- sig.addDocument("#" + strUri, transforms);
+ sig.addDocument("#" + strUri, transforms,
this.getDigestAlgo());
} else {
Element body =
(Element) WSSecurityUtil.findElement(envelope,
elemName, nmSpace);
@@ -575,7 +575,7 @@
getInclusivePrefixes(body)
).getElement());
}
- sig.addDocument("#" + setWsuId(body), transforms);
+ sig.addDocument("#" + setWsuId(body), transforms,
this.getDigestAlgo());
}
} catch (TransformationException e1) {
throw new WSSecurityException(
Modified:
webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNewST3.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNewST3.java?rev=901147&r1=901146&r2=901147&view=diff
==============================================================================
--- webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNewST3.java
(original)
+++ webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNewST3.java
Wed Jan 20 11:46:02 2010
@@ -135,6 +135,8 @@
SAMLAssertion assertion = saml.newAssertion();
WSSecSignatureSAML wsSign = new WSSecSignatureSAML();
+ wsSign.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
+
wsSign.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
wsSign.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
wsSign.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
@@ -149,12 +151,14 @@
Document signedDoc = wsSign.build(doc, crypto, assertion, null, null,
null, secHeader);
LOG.info("After SAMLSignedKeyHolder....");
+ String outputString =
+
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
if (LOG.isDebugEnabled()) {
LOG.debug("Signed SAML message (key holder):");
- String outputString =
-
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
LOG.debug(outputString);
}
+
assertTrue(outputString.indexOf("http://www.w3.org/2001/04/xmlenc#sha256") !=
-1);
+
assertTrue(outputString.indexOf("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
!= -1);
Vector results = verify(signedDoc);
WSSecurityEngineResult actionResult =
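Review bot: The two added `assertTrue(outputString.indexOf(...) != -1)` checks pass if the URI occurs anywhere in the serialized message, so they do not show that the configured values ended up on the signature's `DigestMethod` and `SignatureMethod` elements. Checking the `Algorithm` attribute of those elements in `signedDoc` pins the behaviour this commit fixes, for example `signedDoc.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "DigestMethod")` followed by a comparison of each element's `getAttribute("Algorithm")` with the expected URI. Looping over every `DigestMethod` also catches a reference in WSSecSignatureSAML that still uses a digest other than the configured one. The test method starts and ends outside the hunk.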