Author: shankar Date: Wed Dec 22 07:07:05 2010 New Revision: 1051777 URL: http://svn.apache.org/viewvc?rev=1051777&view=rev Log: Applying patch from RAMPART-277
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/AsymmetricBindingBuilder.java Wed Dec 22 07:07:05 2010
@@ -175,7 +175,7 @@ public class AsymmetricBindingBuilder ex
 encr.setDocument(doc);
 RampartUtil.setEncryptionUser(rmd, encr);
 encr.setSymmetricEncAlgorithm(rpd.getAlgorithmSuite().getEncryption());
- RampartUtil.setKeyIdentifierType(rpd,encr, encryptionToken);
+ RampartUtil.setKeyIdentifierType(rmd, encr, encryptionToken);
 encr.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
 encr.prepare(doc, RampartUtil.getEncryptionCrypto(config, rmd.getCustomClassLoader()));
@@ -528,7 +528,7 @@ public class AsymmetricBindingBuilder ex
 WSSecEncrypt encr = new WSSecEncrypt();
- RampartUtil.setKeyIdentifierType(rpd, encr, encrToken);
+ RampartUtil.setKeyIdentifierType(rmd, encr, encrToken);
 encr.setWsConfig(rmd.getConfig());
@@ -765,7 +765,7 @@ public class AsymmetricBindingBuilder ex
 WSSecEncrypt encr = new WSSecEncrypt();
- RampartUtil.setKeyIdentifierType(rpd, encr, encrToken);
+ RampartUtil.setKeyIdentifierType(rmd, encr, encrToken);
 encr.setWsConfig(rmd.getConfig());
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java Wed Dec 22 07:07:05 2010
@@ -218,7 +218,7 @@ public abstract class BindingBuilder {
 WSSecEncryptedKey encrKey = new WSSecEncryptedKey();
 try {
- RampartUtil.setKeyIdentifierType(rpd, encrKey, token);
+ RampartUtil.setKeyIdentifierType(rmd, encrKey, token);
 RampartUtil.setEncryptionUser(rmd, encrKey);
 encrKey.setKeySize(rpd.getAlgorithmSuite().getMaximumSymmetricKeyLength());
 encrKey.setKeyEncAlgo(rpd.getAlgorithmSuite().getAsymmetricKeyWrap());
@@ -261,7 +261,7 @@ public abstract class BindingBuilder {
 log.debug("Token inclusion: " + token.getInclusion());
- RampartUtil.setKeyIdentifierType(rpd, sig, token);
+ RampartUtil.setKeyIdentifierType(rmd, sig, token);
 String user = null;
@@ -345,7 +345,6 @@ public abstract class BindingBuilder {
 //Create the list to hold the tokens HashMap endSuppTokMap = new HashMap();
- if(suppTokens != null && suppTokens.getTokens() != null && suppTokens.getTokens().size() > 0) { log.debug("Processing supporting tokens");
@@ -412,10 +411,8 @@ public abstract class BindingBuilder {
 //Add the UT Element elem = utBuilder.getUsernameTokenElement();
 elem = RampartUtil.insertSiblingAfter(rmd, this.getInsertionLocation(), elem);
-
- if (suppTokens.isEncryptedToken()) {
- encryptedTokensIdList.add(utBuilder.getId());
- }
+
+ encryptedTokensIdList.add(utBuilder.getId());
 //Move the insert location to the next element this.setInsertionLocation(elem);
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java?rev=1051777&r1=1051776&r2=1051777&view=diff
==============================================================================
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java Wed Dec 22 07:07:05 2010
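Review bot: The UsernameToken id is now added to `encryptedTokensIdList` unconditionally, where the removed lines added it only when `suppTokens.isEncryptedToken()` was true, and neither the hunk nor the commit log says why the policy flag is no longer consulted. If this is deliberate (presumably so that the UsernameToken is always encrypted), record it next to the call, e.g. `// Always encrypt the UsernameToken, whether or not the policy marks the supporting tokens as encrypted`, so that a later cleanup neither restores the guard nor assumes the flag is still honoured here. It is also worth confirming that a recipient whose policy does not expect an encrypted UsernameToken still accepts the message; that cannot be checked from this page. The enclosing method starts and ends outside the hunk.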
@@ -1301,10 +1301,16 @@ public class RampartUtil {
 * the WSS11 and WSS10 assertions */
- public static void setKeyIdentifierType(RampartPolicyData rpd, WSSecBase secBase,org.apache.ws.secpolicy.model.Token token) {
-
- if (token.getInclusion() == SPConstants.INCLUDE_TOKEN_NEVER) {
-
+ public static void setKeyIdentifierType(RampartMessageData rmd, WSSecBase secBase,org.apache.ws.secpolicy.model.Token token) {
+
+ // Use a reference rather than the binary security token if: the policy never allows the token to be
+ // included; or this is the recipient and the token should only be included in requests; or this is
+ // the initiator and the token should only be included in responses.
+ final boolean useReference = token.getInclusion() == SPConstants.INCLUDE_TOKEN_NEVER
+ || !rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT
+ || rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_INITIATOR;
+ if (useReference) {
+ boolean tokenTypeSet = false; if(token instanceof X509Token) {
@@ -1323,6 +1329,7 @@ public class RampartUtil {
 } if (!tokenTypeSet) {
+ final RampartPolicyData rpd = rmd.getPolicyData();
 Wss10 wss = rpd.getWss11();
 if (wss == null) {
 wss = rpd.getWss10();
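Review bot: The `useReference` expression mixes `||` and `&&` without parentheses, so its meaning rests on `&&` binding tighter, and this is the condition that decides whether the binary security token is sent or only referenced. Grouping each role test makes the intent explicit: `|| (!rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_RECIPIENT)` and `|| (rmd.isInitiator() && token.getInclusion() == SPConstants.INCLUDE_TOEKN_ALWAYS_TO_INITIATOR)`. The first parameter of this public static method also changes from `RampartPolicyData` to `RampartMessageData`; the Javadoc above it (only its last line is in the hunk) should describe `rmd`, and any caller outside the three files in this commit would no longer compile. The method body continues outside the hunk.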