svn commit: r1440633 - in /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart: PolicyBasedResultsValidator.java errors.properties

Author: ruchithf
Date: Wed Jan 30 20:03:41 2013
New Revision: 1440633

URL: http://svn.apache.org/viewvc?rev=1440633&view=rev
Log:
Validating password type included in the username token

Modified:

axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java

axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties

Modified: 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL: 
http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1440633&r1=1440632&r2=1440633&view=diff
==
--- 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
 (original)
+++ 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
 Wed Jan 30 20:03:41 2013
@@ -39,7 +39,6 @@ import org.jaxen.JaxenException;
 
 import javax.xml.namespace.QName;
 import java.math.BigInteger;
-import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.*;
 
@@ -317,9 +316,19 @@ public class PolicyBasedResultsValidator
 UsernameToken ut = (UsernameToken) token;
 //Check presence of a UsernameToken
 WSSecurityEngineResult utResult = 
WSSecurityUtil.fetchActionResult(results, WSConstants.UT);
+
 if (utResult == null && !ut.isOptional()) {
 throw new RampartException("usernameTokenMissing");
 }
+
+org.apache.ws.security.message.token.UsernameToken wssUt = 
+   
(org.apache.ws.security.message.token.UsernameToken) 
utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
+if(ut.isHashPassword() && 
!wssUt.getPasswordType().equals(WSConstants.PASSWORD_DIGEST)) {
+   throw new RampartException("invalidUsernameTokenType");
+} else if 
(!wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT)) {
+   throw new RampartException("invalidUsernameTokenType");
+}
+
 
 } else if (token instanceof IssuedToken) {
 //TODO is is enough to check for ST_UNSIGNED results ??
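Review bot: The new `if … else if` chain in the UsernameToken branch rejects every digest token: when `ut.isHashPassword()` is true and the type is `WSConstants.PASSWORD_DIGEST`, the first condition is false, so the `else if` runs and throws because the type is not `PASSWORD_TEXT`. The chain should pick the expected type from the policy and compare once, as sketched below. Two further gaps sit on the same lines: `utResult` is still null when the token is optional and absent, so `utResult.get(...)` throws a NullPointerException instead of a RampartException, and `getPasswordType()` may return null for a token without a password element (not confirmable from this hunk). The hunk in r1440696 further down keeps the same `else if`, so this applies there as well. The enclosing method starts and ends outside the hunk.

```java
// … unchanged: fetchActionResult call and the usernameTokenMissing check …
if (utResult != null) {
    org.apache.ws.security.message.token.UsernameToken wssUt =
            (org.apache.ws.security.message.token.UsernameToken)
                    utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
    // The policy decides which password type is acceptable; the constant-first
    // equals tolerates a null type on the received token.
    String expectedType = ut.isHashPassword()
            ? WSConstants.PASSWORD_DIGEST
            : WSConstants.PASSWORD_TEXT;
    if (!expectedType.equals(wssUt.getPasswordType())) {
        throw new RampartException("invalidUsernameTokenType");
    }
}
```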

Modified: 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
URL: 
http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties?rev=1440633&r1=1440632&r2=1440633&view=diff
==
--- 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
 (original)
+++ 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/errors.properties
 Wed Jan 30 20:03:41 2013
@@ -103,4 +103,4 @@ repeatingNonceValue = Nonce value : {0},
 invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart 
configuration file.
 invalidIssuerAddress = Invalid value for Issuer
 invalidSignatureAlgo=Invalid signature algorithm for Asymmetric binding
-
+invalidUsernameTokenType = Invalid UsernameToken Type.




svn commit: r1440696 - /axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java

Author: ruchithf
Date: Wed Jan 30 21:54:46 2013
New Revision: 1440696

URL: http://svn.apache.org/viewvc?rev=1440696&view=rev
Log:
Validate the NoPassword case

Modified:

axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java

Modified: 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL: 
http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1440696&r1=1440695&r2=1440696&view=diff
==
--- 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
 (original)
+++ 
axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
 Wed Jan 30 21:54:46 2013
@@ -323,12 +323,18 @@ public class PolicyBasedResultsValidator
 
 org.apache.ws.security.message.token.UsernameToken wssUt = 

(org.apache.ws.security.message.token.UsernameToken) 
utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN);
-if(ut.isHashPassword() && 
!wssUt.getPasswordType().equals(WSConstants.PASSWORD_DIGEST)) {
+
+if(ut.isNoPassword() && wssUt.getPassword() != null) {
+   throw new RampartException("invalidUsernameTokenType");
+}
+
+   if(ut.isHashPassword() && !wssUt.isHashed()) {
throw new RampartException("invalidUsernameTokenType");
 } else if 
(!wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT)) {
throw new RampartException("invalidUsernameTokenType");
 }
 
+
 
 } else if (token instanceof IssuedToken) {
 //TODO is is enough to check for ST_UNSIGNED results ??
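Review bot: A token that satisfies the NoPassword policy passes the new `ut.isNoPassword()` check and then falls into the `else if`, where `wssUt.getPasswordType()` is compared with `WSConstants.PASSWORD_TEXT`. With no password element the type is presumably null, so the call would throw a NullPointerException, and even a non-null value would be rejected as not being text. The type checks should be skipped for the NoPassword case, for example by guarding them with `if (!ut.isNoPassword()) { … }` and comparing constant-first, `!WSConstants.PASSWORD_TEXT.equals(wssUt.getPasswordType())`. The NoPassword test also looks only at `getPassword() != null`; whether an empty password element yields null or an empty string is not visible here and is worth confirming. The enclosing method starts and ends outside the hunk.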