svn commit: r1234716 - in /axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail: MailConstants.java MailTransportSender.java
Author: supun Date: Mon Jan 23 09:40:55 2012 New Revision: 1234716 URL: http://svn.apache.org/viewvc?rev=1234716&view=rev Log: fixing a build break with multipart messages Modified: axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailConstants.java axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailTransportSender.java Modified: axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailConstants.java URL: http://svn.apache.org/viewvc/axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailConstants.java?rev=1234716&r1=1234715&r2=1234716&view=diff == --- axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailConstants.java (original) +++ axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailConstants.java Mon Jan 23 09:40:55 2012 
@@ -60,6 +60,7 @@ public class MailConstants {
 public static final String TRANSPORT_MAIL_FORMAT = "transport.mail.Format";
 public static final String TRANSPORT_FORMAT_TEXT = "Text";
 public static final String TRANSPORT_FORMAT_MP = "Multipart";
+public static final String TRANSPORT_FORMAT_ATTACHMENT = "Attachment";
 public static final String TRANSPORT_FORMAT_ATTACHMENT_FILE = "AttachmentFile";
 public static final String TRANSPORT_MAIL_FOLDER = "transport.mail.Folder";
Modified: axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailTransportSender.java URL: http://svn.apache.org/viewvc/axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailTransportSender.java?rev=1234716&r1=1234715&r2=1234716&view=diff ==
--- axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailTransportSender.java (original)
+++ axis/axis2/java/transports/trunk/modules/mail/src/main/java/org/apache/axis2/transport/mail/MailTransportSender.java Mon Jan 23 09:40:55 2012
@@ -433,6 +433,15 @@ public class MailTransportSender extends
 mimeMultiPart.addBodyPart(mimeBodyPart1);
 mimeMultiPart.addBodyPart(mimeBodyPart2);
 message.setContent(mimeMultiPart);
+mainPart = mimeBodyPart2;
+} else if (MailConstants.TRANSPORT_FORMAT_ATTACHMENT.equals(mFormat)) {
+mimeMultiPart = new MimeMultipart();
+MimeBodyPart mimeBodyPart1 = new MimeBodyPart();
+mimeBodyPart1.setContent("Web Service Message Attached","text/plain");
+MimeBodyPart mimeBodyPart2 = new MimeBodyPart();
+mimeMultiPart.addBodyPart(mimeBodyPart1);
+mimeMultiPart.addBodyPart(mimeBodyPart2);
+message.setContent(mimeMultiPart);
 String fileName = (String) msgContext.getProperty( MailConstants.TRANSPORT_FORMAT_ATTACHMENT_FILE);
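Review bot: In the MailTransportSender hunk the attachment file name is read from the `TRANSPORT_FORMAT_ATTACHMENT_FILE` message-context property with an unchecked `(String)` cast, and after this change that read sits inside the new `TRANSPORT_FORMAT_ATTACHMENT` branch with no null or content check visible. The rest of the branch is outside the hunk, so this is a request to confirm: a missing or non-String property should fall back to a fixed default name, and a value containing CR/LF should be rejected before it is used as the part's file name. The new branch also repeats the three set-up lines shown as context above it (`addBodyPart` twice, then `setContent`), so a small private helper that builds the two-part `MimeMultipart` would keep the two formats from drifting. Senders configured with "Multipart" appear to stop reaching the file-name code after this change; if that is intended, a comment above the `else if` such as `// only the Attachment format names the second part as a file` would record it.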
svn commit: r1235059 - /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
Author: veithen Date: Mon Jan 23 23:24:13 2012 New Revision: 1235059 URL: http://svn.apache.org/viewvc?rev=1235059&view=rev Log: Fixed an issue in Rampart that occured because it was implicitly relying on a non-conformance of DOOM's DOM implementation. The issue occurs if all of the following conditions are satisfied: 1. The service uses DOOM to create the response message. 2. The content of the response message is prepared using the DOM API and no provisions are made to ensure that the object model is well formed with respect to namespaces (i.e. that all namespace declarations are present). 3. The response message is signed or encrypted by WSS4J/Santuario. In practice these conditions are only satisfied by Rampart's STS. Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java?rev=1235059&r1=1235058&r2=1235059&view=diff ==
--- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Mon Jan 23 23:24:13 2012
@@ -36,6 +36,7 @@ import org.apache.axiom.soap.impl.builde
 import org.apache.rampart.handler.WSSHandlerConstants;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.xml.security.utils.XMLUtils;
+import org.w3c.dom.DOMConfiguration;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -100,6 +101,23 @@ public class Axis2Util {
 if (element.getParentNode() != document) {
 document.appendChild(element);
 }
+// If the Axiom implementation supports DOM, then it is possible/likely that the
+// DOM API was used to create the object model (or parts of it). In this case, the
+// object model is not necessarily well formed with respect to namespaces because
+// DOM doesn't generate namespace declarations automatically. This is an issue
+// because WSS4J/Santuario expects that all namespace declarations are present.
+// If this is not the case, then signature values or encryptions will be incorrect.
+// To avoid this, we normalize the document. Note that if we disable the other
+// normalizations supported by DOM, this is generally not a heavy operation.
+// In particular, the Axiom implementation is not required to expand the object
+// model (including OMSourcedElements) because the Axiom builder is required to
+// perform namespace repairing, so that no modifications to unexpanded parts of
+// the message are required.
+DOMConfiguration domConfig = document.getDomConfig();
+domConfig.setParameter("split-cdata-sections", Boolean.FALSE);
+domConfig.setParameter("well-formed", Boolean.FALSE);
+domConfig.setParameter("namespaces", Boolean.TRUE);
+document.normalizeDocument();
 return document;
 }
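Review bot: `document.normalizeDocument()` runs with no `error-handler` registered on the `DOMConfiguration`, so a namespace fix-up problem reported during normalization may never reach this method and the document is then returned for signing or encryption anyway. DOM Level 3 reports normalization errors through the `error-handler` parameter; registering a `DOMErrorHandler` that records the first non-warning error and throwing `WSSecurityException` afterwards would make this step fail closed. `getDomConfig()` and `setParameter` can also throw `DOMException` on an implementation that does not support a parameter, and the enclosing `try` and its catch clauses are outside the hunk, so please confirm that case is converted and not swallowed. The same lines are merged to the 1_6 and 1_5_x branches in r1235143 and r1235148, so the change would apply there as well.
```java
// … unchanged: explanatory comment and the three setParameter calls …
final DOMError[] failure = new DOMError[1];
domConfig.setParameter("error-handler", new DOMErrorHandler() {
    public boolean handleError(DOMError error) {
        if (error.getSeverity() == DOMError.SEVERITY_WARNING) {
            return true; // warnings do not invalidate the tree
        }
        failure[0] = error;
        return false; // stop at the first real error
    }
});
document.normalizeDocument();
if (failure[0] != null) {
    // Refuse to hand a namespace-incomplete tree to WSS4J/Santuario.
    throw new WSSecurityException(
            "Namespace normalization failed: " + failure[0].getMessage());
}
return document;
```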
svn commit: r1235132 [2/3] - in /axis/axis2/java/rampart/trunk: ./ modules/rampart-core/src/main/java/org/apache/rampart/ modules/rampart-core/src/main/java/org/apache/rampart/saml/ modules/rampart-in
Modified: axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java?rev=1235132&r1=1235131&r2=1235132&view=diff ==
--- axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java (original)
+++ axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/SAMLTokenIssuer.java Tue Jan 24 04:39:03 2012
@@ -21,6 +21,8 @@ import org.apache.axiom.om.OMNode;
 import org.apache.axiom.soap.SOAPEnvelope;
 import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.description.Parameter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.rahas.RahasConstants;
 import org.apache.rahas.RahasData;
 import org.apache.rahas.Token;
@@ -30,37 +32,38 @@ import org.apache.rahas.TrustUtil;
 import org.apache.rahas.impl.util.SAMLAttributeCallback;
 import org.apache.rahas.impl.util.SAMLCallbackHandler;
 import org.apache.rahas.impl.util.SAMLNameIdentifierCallback;
-import org.apache.ws.security.WSConstants;
+import org.apache.rahas.impl.util.SAMLUtils;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.WSUsernameTokenPrincipal;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.CryptoFactory;
-import org.apache.ws.security.message.WSSecEncryptedKey;
 import org.apache.ws.security.util.Base64;
 import org.apache.ws.security.util.Loader;
 import org.apache.ws.security.util.XmlSchemaDateFormat;
 import org.apache.xml.security.signature.XMLSignature;
-import org.apache.xml.security.utils.EncryptionConstants;
-import org.opensaml.SAMLAssertion;
-import org.opensaml.SAMLAttribute;
-import org.opensaml.SAMLAttributeStatement;
-import org.opensaml.SAMLAuthenticationStatement;
-import org.opensaml.SAMLException;
-import org.opensaml.SAMLNameIdentifier;
-import org.opensaml.SAMLStatement;
-import org.opensaml.SAMLSubject;
+
+import org.joda.time.DateTime;
+import org.opensaml.common.SAMLException;
+import org.opensaml.saml1.core.*;
+import org.opensaml.xml.security.*;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.signature.KeyInfo;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.Signer;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
-import org.w3c.dom.Text;
 import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
 import java.text.DateFormat;
 import java.util.ArrayList;
 import java.util.Arrays;
-import 
java.util.Date;
 import java.util.List;
 /**
@@ -74,6 +77,12 @@ public class SAMLTokenIssuer implements
 private String configFile;
+
+//TODO move this to TrustUtil
+private static final String AUTHENTICATION_METHOD_PASSWORD = "urn:oasis:names:tc:SAML:1.0:am:password";
+
+private static final Log log = LogFactory.getLog(SAMLTokenIssuer.class);
+
 public SOAPEnvelope issue(RahasData data) throws TrustException {
 MessageContext inMsgCtx = data.getInMessageContext();
@@ -121,9 +130,8 @@ public class SAMLTokenIssuer implements
 }
 // Creation and expiration times
-Date creationTime = new Date();
-Date expirationTime = new Date();
-expirationTime.setTime(creationTime.getTime() + config.ttl);
+DateTime creationTime = new DateTime();
+DateTime expirationTime = new DateTime(creationTime.getMillis() + config.ttl);
 // Get the document
 Document doc = ((Element) env).getOwnerDocument();
@@ -145,7 +153,7 @@ public class SAMLTokenIssuer implements
 */
 String keyType = data.getKeyType();
-SAMLAssertion assertion;
+Assertion assertion;
 if (keyType == null) {
 throw new TrustException(TrustException.INVALID_REQUEST, new String[] { "Requested KeyType is missing" });
@@ -183,11 +191,11 @@ public class SAMLTokenIssuer implements
 }
 if (config.addRequestedAttachedRef) {
-TrustUtil.createRequestedAttachedRef(rstrElem, assertion.getId(),wstVersion);
+TrustUtil.createRequestedAttachedRef(rstrElem, assertion.getID(),wstVersion);
 }
 if (config.addRequestedUnattachedRef) {
-TrustUtil.createRequestedUnattachedRef(rstrElem, assertion.getId(),wstVersion);
+TrustUtil.createRequestedUnattachedRef(rstrElem, assertion.getID(),wstVersion);
 }
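Review bot: The import hunk adds the wildcards `org.opensaml.saml1.core.*` and `org.opensaml.xml.security.*` together with the single-type import `org.opensaml.xml.security.SecurityException`, which shadows `java.lang.SecurityException` for the whole file. In a token issuer that is easy to misread, because a `catch (SecurityException e)` in this class now refers to OpenSAML's type and not the JVM's. I would list the SAML 1 and security types explicitly in place of the two wildcards and put a comment on the import, `// OpenSAML's SecurityException, not java.lang.SecurityException`.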
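Review bot: `new DateTime(creationTime.getMillis() + config.ttl)` derives the assertion's expiry from `config.ttl` by plain addition with no check on the value, so a zero or negative TTL in the issuer configuration yields a token that is already expired when issued, and an extreme value wraps around. Where `config.ttl` is validated is not visible in this hunk; if it is not checked when the configuration is loaded, reject `config.ttl <= 0` here with a `TrustException` before building the times. `creationTime.plus(config.ttl)` states the intent more directly, and `new DateTime(DateTimeZone.UTC)` would keep the issue instant from depending on the server's default zone when it is later formatted. The body of `issue` starts and ends outside the hunk.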
svn commit: r1235132 [3/3] - in /axis/axis2/java/rampart/trunk: ./ modules/rampart-core/src/main/java/org/apache/rampart/ modules/rampart-core/src/main/java/org/apache/rampart/saml/ modules/rampart-in
Modified: axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java?rev=1235132&r1=1235131&r2=1235132&view=diff == --- axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-trust/src/main/java/org/apache/rahas/impl/util/SAMLUtils.java Tue Jan 24 04:39:03 2012 
@@ -1,30 +1,778 @@ package org.apache.rahas.impl.util; -import org.apache.rahas.impl.SAMLTokenIssuerConfig; -import org.apache.ws.security.components.crypto.Crypto; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.rahas.RahasConstants; +import org.apache.rahas.RahasData; +import org.apache.rahas.TrustException; +import org.apache.rahas.impl.TokenIssuerUtil; +import org.apache.ws.security.WSConstants; import org.apache.ws.security.WSSecurityException; +import org.apache.ws.security.components.crypto.Crypto; +import org.apache.ws.security.message.WSSecEncryptedKey; +import org.apache.ws.security.util.Base64; +import org.apache.xml.security.signature.XMLSignature; +import org.apache.xml.security.utils.EncryptionConstants; +import org.joda.time.DateTime; +import org.opensaml.Configuration; +import org.opensaml.saml1.core.*; +import org.opensaml.ws.wssecurity.KeyIdentifier; +import org.opensaml.ws.wssecurity.SecurityTokenReference; +import org.opensaml.ws.wssecurity.WSSecurityConstants; +import org.opensaml.xml.XMLObject; +import org.opensaml.xml.XMLObjectBuilder; +import org.opensaml.xml.encryption.CipherData; +import org.opensaml.xml.encryption.CipherValue; +import org.opensaml.xml.encryption.EncryptedKey; +import org.opensaml.xml.encryption.EncryptionMethod; +import org.opensaml.xml.io.MarshallingException; +import org.opensaml.xml.schema.XSString; +import org.opensaml.xml.schema.impl.XSStringBuilder; +import org.opensaml.xml.security.SecurityHelper; +import org.opensaml.xml.security.credential.Credential; +import org.opensaml.xml.signature.*; +import org.opensaml.xml.signature.KeyInfo; +import org.opensaml.xml.signature.X509Data; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import javax.xml.namespace.QName; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.PublicKey; +import 
java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; -import java.util.Collection; -import java.util.ArrayList; +import java.util.*; +/** + * Utility class for SAML 1 assertions. Responsible for manipulating all SAML1 specific objects + * like Assertion, ConfirmationMethod etc ... + */ public class SAMLUtils { +private static final Log log = LogFactory.getLog(SAMLUtils.class); -public static Collection getCertChainCollection(X509Certificate[] issuerCerts){ - - ArrayList certCollection = new ArrayList(); +public static Collection getCertChainCollection(X509Certificate[] issuerCerts) { +ArrayList certCollection = new ArrayList(); if (issuerCerts == null) { return certCollection; } else { -for (X509Certificate cert : issuerCerts) { -certCollection.add(cert); -} +Collections.addAll(certCollection, issuerCerts); } return certCollection; +} + +/** + * Builds the requested XMLObject. + * + * @param objectQName name of the XMLObject + * @return the build XMLObject + * @throws org.apache.rahas.TrustException If unable to find the appropriate builder. + */ +public static XMLObject buildXMLObject(QName objectQName) throws TrustException { +XMLObjectBuilder builder = Configuration.getBuilderFactory().getBuilder(objectQName); +if (builder == null) { +log.debug("Unable to find OpenSAML builder for object " + objectQName); +throw new TrustException("builderNotFound",new Object[]{objectQName}); +} +return builder.buildObject(objectQName.getNamespaceURI(), objectQName.getLocalPart(), objectQName.getPrefix()); +} + +/** + * Builds an assertion from an XML element. + * @param assertionElement The XML element. + * @return An Assertion object. + */ +public static Assertion buildAssertion(Element assertionElement) { + + return (Assertion) Configuration.getBuilderFactory(). + getBuilder(Assertion.DEFAULT_ELEMENT_NAME).buildObject(assertionElement); + +} + +/** + * Signs the SAML assertion. 
The steps to sign SAML assertion is as follows, + * + * Get certificate for issuer alias + * Extract private k
svn commit: r1235143 - in /axis/axis2/java/rampart/branches/1_6: ./ modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java
Author: veithen Date: Tue Jan 24 07:06:57 2012 New Revision: 1235143 URL: http://svn.apache.org/viewvc?rev=1235143&view=rev Log: Merged r1090540 and r1235059 to the 1.6 branch. Modified: axis/axis2/java/rampart/branches/1_6/ (props changed) axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Propchange: axis/axis2/java/rampart/branches/1_6/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jan 24 07:06:57 2012 
@@ -1 +1 @@ -/axis/axis2/java/rampart/trunk:1072266-1072267,1072300,1072313-1072314,1072316,1072321,1072324,1073746,1074043,1074447,1074534,1075676,1075683-1075684,1083686,1087998,1088013,1088558,1088571,1089599,1129515,1129552,1130570,1131278,1132548,1132564,1134446,1134683,1137396,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175271,1175324,1177260,1177279,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1220915,1221926,1221937,1221940,1222136,1222418 +/axis/axis2/java/rampart/trunk:1072266-1072267,1072300,1072313-1072314,1072316,1072321,1072324,1073746,1074043,1074447,1074534,1075676,1075683-1075684,1083686,1087998,1088013,1088558,1088571,1089599,1090540,1129515,1129552,1130570,1131278,1132548,1132564,1134446,1134683,1137396,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175271,1175324,1177260,1177279,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1220915,1221926,1221937,1221940,1222136,1222418,1235059 Modified: axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java?rev=1235143&r1=1235142&r2=1235143&view=diff == --- axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java (original) +++ axis/axis2/java/rampart/branches/1_6/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Tue Jan 24 07:06:57 2012 @@ -37,6 +37,7 @@ import org.apache.axiom.soap.impl.dom.fa import org.apache.rampart.handler.WSSHandlerConstants; import org.apache.ws.security.WSSecurityException; import org.apache.xml.security.utils.XMLUtils; +import org.w3c.dom.DOMConfiguration; import org.w3c.dom.Document; import org.w3c.dom.Element; 
@@ -90,7 +91,35 @@ public class Axis2Util {
 throws WSSecurityException {
 try {
 if(env instanceof Element) {
-return ((Element)env).getOwnerDocument();
+Element element = (Element)env;
+Document document = element.getOwnerDocument();
+// For outgoing messages, Axis2 only creates the SOAPEnvelope, but no document. If
+// the Axiom implementation also supports DOM, then the envelope (seen as a DOM
+// element) will have an owner document, but the document and the envelope have no
+// parent-child relationship. On the other hand, the input expected by WSS4J is
+// a document with the envelope as document element. Therefore we need to set the
+// envelope as document element on the owner document.
+if (element.getParentNode() != document) {
+document.appendChild(element);
+}
+// If the Axiom implementation supports DOM, then it is possible/likely that the
+// DOM API was used to create the object model (or parts of it). In this case, the
+// object model is not necessarily well formed with respect to namespaces because
+// DOM doesn't generate namespace declarations automatically. This is an issue
+// because WSS4J/Santuario expects that all namespace declarations are present.
+// If this is not the case, then signature values or encryptions will be incorrect.
+// To avoid this, we normalize the document. Note that if we disable the other
+// normalizations supported by DOM, this is generally not a heavy operation.
+// In particular, the Axiom implementation is not required to expand the object
+// model (including OMSourcedElements) because the Axiom builder is required to
+// perform namespace repairing, so that no modifications to unexpanded parts of
+// the message are required.
+DOMConfiguration domConfig = document.getDomConfig();
+domConfig.setParameter("split-cdata-sections", Boolean.FALSE);
+domConfig.setParameter("well-formed", Boolean.FALSE);
+domConfig.setParameter("namespaces", Boolean.TRUE);
+document.nor
svn commit: r1235148 - in /axis/axis2/java/rampart/branches/1_5_x: ./ modules/documentation/src/site/xdoc/download/1.5.1/download.xml modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Ut
Author: veithen Date: Tue Jan 24 07:16:43 2012 New Revision: 1235148 URL: http://svn.apache.org/viewvc?rev=1235148&view=rev Log: Merged r1090540 and r1235059 to the 1.5 branch. Modified: axis/axis2/java/rampart/branches/1_5_x/ (props changed) axis/axis2/java/rampart/branches/1_5_x/modules/documentation/src/site/xdoc/download/1.5.1/download.xml (props changed) axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Propchange: axis/axis2/java/rampart/branches/1_5_x/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jan 24 07:16:43 2012 @@ -1 +1 @@ -/axis/axis2/java/rampart/trunk:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1075676,1083686,1089599,1130570,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1221926,1221937,1221940 +/axis/axis2/java/rampart/trunk:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1075676,1083686,1089599,1090540,1130570,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1221926,1221937,1221940,1235059 Propchange: axis/axis2/java/rampart/branches/1_5_x/modules/documentation/src/site/xdoc/download/1.5.1/download.xml -- --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jan 24 07:16:43 2012 
@@ -1 +1 @@ -/axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/download/1.5.1/download.xml:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1075676,1083686,1089599,1130570,1131278,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1221926,1221937,1221940 +/axis/axis2/java/rampart/trunk/modules/documentation/src/site/xdoc/download/1.5.1/download.xml:1052172-1052173,1072178,1072180,1072182,1072187,1072313,1072316,1075676,1083686,1089599,1090540,1130570,1131278,1132548,1134683,1144616,1157613,1157670,1157672,1157674,1157724,1157731,1172842,1175324,1177260,1177413,1178193,1186491,1190533,1190600,1194848,1194994,1221926,1221937,1221940,1235059 Modified: axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java?rev=1235148&r1=1235147&r2=1235148&view=diff == --- axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java (original) +++ axis/axis2/java/rampart/branches/1_5_x/modules/rampart-core/src/main/java/org/apache/rampart/util/Axis2Util.java Tue Jan 24 07:16:43 2012 @@ -35,6 +35,7 @@ import org.apache.axiom.soap.impl.dom.fa import org.apache.rampart.handler.WSSHandlerConstants; import org.apache.ws.security.WSSecurityException; import org.apache.xml.security.utils.XMLUtils; +import org.w3c.dom.DOMConfiguration; import org.w3c.dom.Document; import org.w3c.dom.Element; 
@@ -89,7 +90,35 @@ public class Axis2Util {
 throws WSSecurityException {
 try {
 if(env instanceof Element) {
-return ((Element)env).getOwnerDocument();
+Element element = (Element)env;
+Document document = element.getOwnerDocument();
+// For outgoing messages, Axis2 only creates the SOAPEnvelope, but no document. If
+// the Axiom implementation also supports DOM, then the envelope (seen as a DOM
+// element) will have an owner document, but the document and the envelope have no
+// parent-child relationship. On the other hand, the input expected by WSS4J is
+// a document with the envelope as document element. Therefore we need to set the
+// envelope as document element on the owner document.
+if (element.getParentNode() != document) {
+document.appendChild(element);
+}
+// If the Axiom implementation supports DOM, then it is possible/likely that the
+// DOM API was used to create the object model (or parts of it). In this case, the
+// object model is not necessarily well formed with respect to namespaces because
+// DOM doesn't generate namespace declarations automatically. This is an issue
+// because WSS4J/Santuario expects that all namespace declarations are present.
+// If this is not the case, then signature values or encryptions will be incorrect.