JBossWS SVN: r17309 - thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-13 07:04:40 -0500 (Wed, 13 Feb 2013)
New Revision: 17309
Modified:
thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
Log:
[BZ910692] Merged changes from CXF-4789. This is dependent on WSS-421
Modified: thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
===================================================================
--- thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java 2013-02-13 10:55:39 UTC (rev 17308)
+++ thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java 2013-02-13 12:04:40 UTC (rev 17309)
@@ -539,7 +539,7 @@
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
- if (sl != null && sl.size() == 1) {
+ if (sl != null && sl.size() >= 1) {
for (WSDataRef dataRef : sl) {
QName signedQName = dataRef.getName();
if (WSSecurityEngine.SIGNATURE.equals(signedQName)
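Review bot: `sl.size() >= 1` on the new line is just `!sl.isEmpty()`, and because the `for` over an empty list is already a no-op the whole condition can shrink to `if (sl != null) {`; the size test is a leftover of the old `== 1` form and now reads as if it still constrained the count. Since the change widens the check from "exactly one signed part" to "any number of signed parts", a one-line comment stating the intent would help the next reader, e.g. `// a signature may cover more than one part; look for the Signature element among all signed refs (CXF-4789)`. Whether the loop body copes with a list in which only one of several refs matches depends on code below the hunk, which is not shown; the enclosing method starts and ends outside this hunk.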
JBossWS SVN: r17308 - thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/src/main/java/org/apache/ws/security/message.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-13 05:55:39 -0500 (Wed, 13 Feb 2013)
New Revision: 17308
Modified:
thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/src/main/java/org/apache/ws/security/message/WSSecSignature.java
Log:
[BZ910692] Merged fix from WSS-421
Modified: thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/src/main/java/org/apache/ws/security/message/WSSecSignature.java
===================================================================
--- thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/…
[View More]src/main/java/org/apache/ws/security/message/WSSecSignature.java 2013-02-13 10:17:47 UTC (rev 17307)
+++ thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/src/main/java/org/apache/ws/security/message/WSSecSignature.java 2013-02-13 10:55:39 UTC (rev 17308)
@@ -108,6 +108,7 @@
private X509Certificate useThisCert = null;
private Element securityHeader = null;
private boolean useCustomSecRef;
+ private boolean bstAddedToSecurityHeader = false;
public WSSecSignature() {
super();
@@ -443,10 +444,10 @@
* @param secHeader The security header
*/
public void prependBSTElementToHeader(WSSecHeader secHeader) {
- if (bstToken != null) {
+ if (bstToken != null && !bstAddedToSecurityHeader) {
WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bstToken.getElement());
+ bstAddedToSecurityHeader = true;
}
- bstToken = null;
}
/**
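Review bot: `bstAddedToSecurityHeader = true;` is set in prependBSTElementToHeader here and in appendBSTElementToHeader in the next hunk, but nothing in this diff ever resets it, and the old `bstToken = null;` reset is removed; an instance reused for a second `prepare()` therefore keeps the flag and silently omits the freshly built BST from the second header, so the receiver presumably cannot resolve the direct reference to it. If instance reuse is meant to work, reset the flag where `bstToken` is (re)assigned, e.g. `bstAddedToSecurityHeader = false;` at the start of `prepare()` or in the BST_DIRECT_REFERENCE branch. The Javadoc of both methods should also state that the token is inserted at most once per prepared document and that later calls are no-ops. Both method bodies are fully inside their hunks; the class continues outside.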
@@ -454,11 +455,11 @@
* @param secHeader The security header
*/
public void appendBSTElementToHeader(WSSecHeader secHeader) {
- if (bstToken != null) {
+ if (bstToken != null && !bstAddedToSecurityHeader) {
Element secHeaderElement = secHeader.getSecurityHeader();
secHeaderElement.appendChild(bstToken.getElement());
+ bstAddedToSecurityHeader = true;
}
- bstToken = null;
}
/**
JBossWS SVN: r17307 - thirdparty/cxf/branches.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-13 05:17:47 -0500 (Wed, 13 Feb 2013)
New Revision: 17307
Added:
thirdparty/cxf/branches/cxf-2.4.9.jbossorg-1_BZ910692/
Log:
[BZ910692] Create one off patch branch
JBossWS SVN: r17306 - thirdparty/wss4j/branches.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-13 05:14:53 -0500 (Wed, 13 Feb 2013)
New Revision: 17306
Added:
thirdparty/wss4j/branches/wss4j-1.6.7_BZ910692/
Log:
[BZ910692] Create one off patch branch
JBossWS SVN: r17304 - in shared-testsuite/trunk/testsuite/src/test: java/org/jboss/test/ws/jaxws/jbws2241 and 3 other directories.
by jbossws-commits@lists.jboss.org
Author: alessio.soldano(a)jboss.com
Date: 2013-02-13 04:43:02 -0500 (Wed, 13 Feb 2013)
New Revision: 17304
Added:
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-ejb3.xml
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-webservices.xml
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss.xml
…
Modified:
shared-testsuite/trunk/testsuite/src/test/ant-import/build-jars-jaxws.xml
shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/jbws2241/JBWS2241TestCase.java
shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF/jboss-ejb3.xml
Log:
Fixing testcase as a consequence of AS7-6476 changes (missing-method-permission-deny-access default true)
Modified: shared-testsuite/trunk/testsuite/src/test/ant-import/build-jars-jaxws.xml
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/ant-import/build-jars-jaxws.xml 2013-02-12 17:06:09 UTC (rev 17303)
+++ shared-testsuite/trunk/testsuite/src/test/ant-import/build-jars-jaxws.xml 2013-02-13 09:43:02 UTC (rev 17304)
@@ -731,6 +731,19 @@
<include name="jboss-webservices.xml" />
</metainf>
</jar>
+ <jar jarfile="${tests.output.dir}/test-libs/jaxws-jbws2241-as71.jar">
+ <fileset dir="${tests.output.dir}/test-classes">
+ <include name="org/jboss/test/ws/jaxws/jbws2241/EJB3Bean.class" />
+ <include name="org/jboss/test/ws/jaxws/jbws2241/EJB3RemoteInterface.class" />
+ <include name="org/jboss/test/ws/jaxws/jbws2241/EndpointInterface.class" />
+ <include name="org/jboss/test/ws/jaxws/jbws2241/EndpointService.class" />
+ </fileset>
+ <metainf dir="${tests.output.dir}/test-resources/jaxws/jbws2241/META-INF-as71">
+ <include name="jboss.xml" />
+ <include name="jboss-ejb3.xml" />
+ <include name="jboss-webservices.xml" />
+ </metainf>
+ </jar>
<!-- jaxws-jbws2250 -->
<war warfile="${tests.output.dir}/test-libs/jaxws-jbws2250.war" webxml="${tests.output.dir}/test-resources/jaxws/jbws2250/WEB-INF/web.xml">
Modified: shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/jbws2241/JBWS2241TestCase.java
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/jbws2241/JBWS2241TestCase.java 2013-02-12 17:06:09 UTC (rev 17303)
+++ shared-testsuite/trunk/testsuite/src/test/java/org/jboss/test/ws/jaxws/jbws2241/JBWS2241TestCase.java 2013-02-13 09:43:02 UTC (rev 17304)
@@ -41,29 +41,45 @@
*/
public class JBWS2241TestCase extends JBossWSTest
{
- private EndpointInterface port;
-
public static Test suite()
{
- return new JBossWSTestSetup(JBWS2241TestCase.class, "jaxws-jbws2241.jar", true);
+ return new JBossWSTestSetup(JBWS2241TestCase.class, isTargetJBoss71() ? "jaxws-jbws2241-as71.jar" : "jaxws-jbws2241.jar", true);
}
- public void setUp() throws MalformedURLException
- {
- if (port == null)
- {
- URL wsdlURL = new URL("http://" + getServerHost() + ":8080/contextRoot/urlPattern/test?wsdl");
- QName serviceName = new QName("http://jbws2241.jaxws.ws.test.jboss.org/", "EJB3BeanService");
- Service service = Service.create(wsdlURL, serviceName);
- port = service.getPort(EndpointInterface.class);
- ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
- ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
+ private EndpointInterface getPort(String user, String pwd) throws MalformedURLException {
+ URL wsdlURL = new URL("http://" + getServerHost() + ":8080/contextRoot/urlPattern/test?wsdl");
+ QName serviceName = new QName("http://jbws2241.jaxws.ws.test.jboss.org/", "EJB3BeanService");
+ Service service = Service.create(wsdlURL, serviceName);
+ EndpointInterface port = service.getPort(EndpointInterface.class);
+ if (user != null) {
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, user);
}
+ if (pwd != null) {
+ ((BindingProvider)port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, pwd);
+ }
+ return port;
}
public void testInvocation() throws Exception
{
+ EndpointInterface port = getPort("kermit", "thefrog");
String hello = port.hello("hello");
assertEquals("hello", hello);
+
+ port = getPort("kermit", "notthefrog");
+ try {
+ port.hello("hi");
+ fail("Failure expected with wrong credentials");
+ } catch (Exception e) {
+
+ }
+
+ port = getPort(null, null);
+ try {
+ port.hello("hi");
+ fail("Failure expected without credentials");
+ } catch (Exception e) {
+
+ }
}
}
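Review bot: The two negative checks end in `catch (Exception e) { }`, which accepts any exception, so a connection refused, a wrong WSDL URL or a server-side error makes the wrong-credentials and no-credentials cases pass exactly as an authorization failure would. Assert on what the failure is: catch the narrowest type the JAX-WS client is expected to throw (presumably `WebServiceException`) and check that its message or cause indicates an HTTP authentication/authorization failure, and put a short comment in each catch saying what is expected instead of leaving it empty. `getPort(null, null)` still fetches the WSDL anonymously, so that case depends on WSDL access being unsecured; a comment at the call site, e.g. `// WSDL is fetched without credentials; only the invocation is expected to be rejected`, records that dependency. The class is complete inside the hunk.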
Modified: shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF/jboss-ejb3.xml
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF/jboss-ejb3.xml 2013-02-12 17:06:09 UTC (rev 17303)
+++ shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF/jboss-ejb3.xml 2013-02-13 09:43:02 UTC (rev 17304)
@@ -10,9 +10,10 @@
impl-version="2.0">
<spec:assembly-descriptor>
- <security xmlns="urn:security">
+ <security xmlns="urn:security:1.1">
<spec:ejb-name>EJB3Bean</spec:ejb-name>
<security-domain>JBossWS</security-domain>
+ <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>
</security>
<spec:security-role>
<spec:role-name>friend</spec:role-name>
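Review bot: `<missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>` switches the new deny-by-default (the AS7-6476 change the log refers to) back off for this bean, so every method without an explicit method-permission is again invoked without an EJB-level permission check. Because this is a test fixture that is easy to copy, add an XML comment next to it stating that the element only restores pre-AS7-6476 behaviour for this test and must not be carried into a production descriptor. The no-credentials case in the test then presumably passes only because of HTTP-layer BASIC authentication rather than EJB permissions; confirm that is the intended protection and say so in the comment.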
Added: shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-ejb3.xml
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-ejb3.xml (rev 0)
+++ shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-ejb3.xml 2013-02-13 09:43:02 UTC (rev 17304)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<jboss:jboss
+ xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
+ xmlns:spec="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss_5_0.xsd
+ http://java.sun.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-spec-2_0.xsd"
+ version="3.1"
+ impl-version="2.0">
+
+ <spec:assembly-descriptor>
+ <security xmlns="urn:security">
+ <spec:ejb-name>EJB3Bean</spec:ejb-name>
+ <security-domain>JBossWS</security-domain>
+ </security>
+ <spec:security-role>
+ <spec:role-name>friend</spec:role-name>
+ </spec:security-role>
+ </spec:assembly-descriptor>
+
+</jboss:jboss>
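Review bot: This descriptor differs from META-INF/jboss-ejb3.xml only in using `urn:security` and omitting `missing-method-permissions-deny-access`, but nothing records why a second copy exists. Add an XML comment at the `<security xmlns="urn:security">` line, e.g. `<!-- AS 7.1 variant: the urn:security:1.1 namespace and missing-method-permissions-deny-access are presumably not supported there; keep in sync with META-INF/jboss-ejb3.xml -->`, confirming the actual reason, since a reader cannot tell whether the element was dropped because AS 7.1 rejects it or because AS 7.1 does not deny unlisted methods by default.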
Added: shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-webservices.xml
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-webservices.xml (rev 0)
+++ shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss-webservices.xml 2013-02-13 09:43:02 UTC (rev 17304)
@@ -0,0 +1,20 @@
+<?xml version="1.1" encoding="UTF-8"?>
+<webservices
+ xmlns="http://www.jboss.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ version="1.0"
+ xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss_webservices_1_0.xsd">
+
+ <context-root>/contextRoot</context-root>
+
+ <port-component>
+ <ejb-name>EJB3Bean</ejb-name>
+ <port-component-name>TestPortComponent</port-component-name>
+ <port-component-uri>/urlPattern/test</port-component-uri>
+ <auth-method>BASIC</auth-method>
+ <transport-guarantee>NONE</transport-guarantee>
+ <secure-wsdl-access>false</secure-wsdl-access>
+ </port-component>
+
+</webservices>
+
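Review bot: `<auth-method>BASIC</auth-method>` together with `<transport-guarantee>NONE</transport-guarantee>` means the test credentials travel base64-encoded over plain HTTP; acceptable for a local test fixture, but a comment on the transport-guarantee line saying this is deliberate for the test (a real deployment would use CONFIDENTIAL) keeps the file from being copied as-is. `<secure-wsdl-access>false</secure-wsdl-access>` is what lets the `getPort(null, null)` variant of the test fetch the WSDL anonymously; noting that dependency in a comment helps whoever tightens it later. The `<?xml version="1.1"` declaration is unusual for this descriptor and probably meant to be 1.0.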
Added: shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss.xml
===================================================================
--- shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss.xml (rev 0)
+++ shared-testsuite/trunk/testsuite/src/test/resources/jaxws/jbws2241/META-INF-as71/jboss.xml 2013-02-13 09:43:02 UTC (rev 17304)
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE jboss PUBLIC "-//JBoss//DTD JBOSS 4.2//EN" "http://www.jboss.org/j2ee/dtd/jboss_4_2.dtd">
+
+<jboss>
+
+ <security-domain>JBossWS</security-domain>
+
+ <enterprise-beans>
+ <session>
+ <ejb-name>EJB3Bean</ejb-name>
+ <jndi-name>ejb/EJB3Bean</jndi-name>
+ </session>
+ </enterprise-beans>
+
+</jboss>
JBossWS SVN: r17301 - thirdparty/wss4j/tags.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-12 11:20:06 -0500 (Tue, 12 Feb 2013)
New Revision: 17301
Removed:
thirdparty/wss4j/tags/wss4j-1.6.5_BZ908807/
Log:
[BZ908807] Removed one off patch branch from tags
JBossWS SVN: r17300 - in thirdparty/wss4j/branches: wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message and 1 other directory.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-12 11:18:16 -0500 (Tue, 12 Feb 2013)
New Revision: 17300
Added:
thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/
thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java
Removed:
thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java
Log:
[BZ908807] Copying one off patch branch to /branches
Deleted: thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java
===================================================================
--- thirdparty/wss4j/tags/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java 2013-02-07 15:57:37 UTC (rev 17276)
+++ thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java 2013-02-12 16:18:16 UTC (rev 17300)
@@ -1,820 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ws.security.message;
-
-import org.apache.ws.security.WSConstants;
-import org.apache.ws.security.WSDocInfo;
-import org.apache.ws.security.WSEncryptionPart;
-import org.apache.ws.security.WSSConfig;
-import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.components.crypto.Crypto;
-import org.apache.ws.security.components.crypto.CryptoType;
-import org.apache.ws.security.message.token.BinarySecurity;
-import org.apache.ws.security.message.token.DOMX509Data;
-import org.apache.ws.security.message.token.DOMX509IssuerSerial;
-import org.apache.ws.security.message.token.KerberosSecurity;
-import org.apache.ws.security.message.token.PKIPathSecurity;
-import org.apache.ws.security.message.token.Reference;
-import org.apache.ws.security.message.token.SecurityTokenReference;
-import org.apache.ws.security.message.token.X509Security;
-import org.apache.ws.security.transform.STRTransform;
-import org.apache.ws.security.util.Base64;
-import org.apache.ws.security.util.WSSecurityUtil;
-
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
-
-import java.security.NoSuchProviderException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.xml.crypto.XMLStructure;
-import javax.xml.crypto.dom.DOMStructure;
-import javax.xml.crypto.dsig.CanonicalizationMethod;
-import javax.xml.crypto.dsig.SignatureMethod;
-import javax.xml.crypto.dsig.SignedInfo;
-import javax.xml.crypto.dsig.XMLSignature;
-import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.crypto.dsig.XMLSignContext;
-import javax.xml.crypto.dsig.dom.DOMSignContext;
-import javax.xml.crypto.dsig.keyinfo.KeyInfo;
-import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
-import javax.xml.crypto.dsig.keyinfo.KeyValue;
-import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
-import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
-
-
-/**
- * Creates a Signature according to WS Specification, X509 profile.
- *
- * This class is a re-factored implementation of the previous WSS4J class
- * <code>WSSignEnvelope</code>. This new class allows better control of
- * the process to create a Signature and to add it to the Security header.
- *
- * The flexibility and fine granular control is required to implement a handler
- * that uses WSSecurityPolicy files to control the setup of a Security header.
- *
- * @author Davanum Srinivas (dims(a)yahoo.com)
- * @author Werner Dittmann (werner(a)apache.org)
- */
-public class WSSecSignature extends WSSecSignatureBase {
-
- private static org.apache.commons.logging.Log log =
- org.apache.commons.logging.LogFactory.getLog(WSSecSignature.class);
-
- protected boolean useSingleCert = true;
- protected String sigAlgo = null;
- protected String canonAlgo = WSConstants.C14N_EXCL_OMIT_COMMENTS;
- protected byte[] signatureValue = null;
- protected Document document = null;
- protected WSDocInfo wsDocInfo = null;
- protected String certUri = null;
- protected String keyInfoUri = null;
- protected SecurityTokenReference secRef = null;
- protected String strUri = null;
- protected BinarySecurity bstToken = null;
-
- protected KeyInfoFactory keyInfoFactory;
- protected XMLSignatureFactory signatureFactory;
- protected KeyInfo keyInfo;
- protected CanonicalizationMethod c14nMethod;
- protected XMLSignature sig;
- protected byte[] secretKey = null;
- protected String customTokenValueType;
- protected String customTokenId;
-
- private String encrKeySha1value = null;
- private Crypto crypto = null;
- private String digestAlgo = WSConstants.SHA1;
- private X509Certificate useThisCert = null;
- private Element securityHeader = null;
- private boolean useCustomSecRef;
-
- public WSSecSignature() {
- super();
- init();
- }
-
- public WSSecSignature(WSSConfig config) {
- super(config);
- init();
- }
-
- private void init() {
- // Try to install the Santuario Provider - fall back to the JDK provider if this does
- // not work
- try {
- signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig");
- } catch (NoSuchProviderException ex) {
- signatureFactory = XMLSignatureFactory.getInstance("DOM");
- }
- try {
- keyInfoFactory = KeyInfoFactory.getInstance("DOM", "ApacheXMLDSig");
- } catch (NoSuchProviderException ex) {
- keyInfoFactory = KeyInfoFactory.getInstance("DOM");
- }
- }
-
- /**
- * Initialize a WSSec Signature.
- *
- * The method sets up and initializes a WSSec Signature structure after the
- * relevant information was set. After setup of the references to elements
- * to sign may be added. After all references are added they can be signed.
- *
- * This method does not add the Signature element to the security header.
- * See <code>prependSignatureElementToHeader()</code> method.
- *
- * @param doc The SOAP envelope as <code>Document</code>
- * @param cr An instance of the Crypto API to handle keystore and certificates
- * @param secHeader The security header that will hold the Signature. This is used
- * to construct namespace prefixes for Signature. This method
- * @throws WSSecurityException
- */
- public void prepare(Document doc, Crypto cr, WSSecHeader secHeader)
- throws WSSecurityException {
- //
- // Gather some info about the document to process and store it for
- // retrieval
- //
- crypto = cr;
- document = doc;
- wsDocInfo = new WSDocInfo(doc);
- wsDocInfo.setCrypto(cr);
- securityHeader = secHeader.getSecurityHeader();
-
- //
- // At first get the security token (certificate) according to the parameters.
- //
- X509Certificate[] certs = getSigningCerts();
-
- try {
- C14NMethodParameterSpec c14nSpec = null;
- if (getWsConfig().isWsiBSPCompliant() && canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
- List<String> prefixes =
- getInclusivePrefixes(secHeader.getSecurityHeader(), false);
- c14nSpec = new ExcC14NParameterSpec(prefixes);
- }
-
- c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec);
- } catch (Exception ex) {
- log.error("", ex);
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex
- );
- }
-
- keyInfoUri = getWsConfig().getIdAllocator().createSecureId("KI-", keyInfo);
- if (!useCustomSecRef) {
- secRef = new SecurityTokenReference(doc);
- strUri = getWsConfig().getIdAllocator().createSecureId("STR-", secRef);
- secRef.setID(strUri);
-
- //
- // Get an initialized XMLSignature element.
- //
-
- //
- // Prepare and setup the token references for this Signature
- //
- switch (keyIdentifierType) {
- case WSConstants.BST_DIRECT_REFERENCE:
- Reference ref = new Reference(document);
- ref.setURI("#" + certUri);
- if (!useSingleCert) {
- bstToken = new PKIPathSecurity(document);
- ((PKIPathSecurity) bstToken).setX509Certificates(certs, crypto);
- secRef.addTokenType(PKIPathSecurity.PKI_TYPE);
- } else {
- bstToken = new X509Security(document);
- ((X509Security) bstToken).setX509Certificate(certs[0]);
- }
- ref.setValueType(bstToken.getValueType());
- secRef.setReference(ref);
- bstToken.setID(certUri);
- wsDocInfo.addTokenElement(bstToken.getElement(), false);
- break;
-
- case WSConstants.ISSUER_SERIAL:
- String issuer = certs[0].getIssuerX500Principal().getName();
- java.math.BigInteger serialNumber = certs[0].getSerialNumber();
- DOMX509IssuerSerial domIssuerSerial =
- new DOMX509IssuerSerial(doc, issuer, serialNumber);
- DOMX509Data domX509Data = new DOMX509Data(doc, domIssuerSerial);
- secRef.setX509Data(domX509Data);
- break;
-
- case WSConstants.X509_KEY_IDENTIFIER:
- secRef.setKeyIdentifier(certs[0]);
- break;
-
- case WSConstants.SKI_KEY_IDENTIFIER:
- secRef.setKeyIdentifierSKI(certs[0], crypto);
- break;
-
- case WSConstants.THUMBPRINT_IDENTIFIER:
- secRef.setKeyIdentifierThumb(certs[0]);
- break;
-
- case WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER:
- if (encrKeySha1value != null) {
- secRef.setKeyIdentifierEncKeySHA1(encrKeySha1value);
- } else {
- byte[] digestBytes = WSSecurityUtil.generateDigest(secretKey);
- secRef.setKeyIdentifierEncKeySHA1(Base64.encode(digestBytes));
- }
- secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
- break;
-
- case WSConstants.CUSTOM_SYMM_SIGNING :
- Reference refCust = new Reference(document);
- if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- refCust.setValueType(customTokenValueType);
- } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
- } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
- refCust.setValueType(customTokenValueType);
- } else if (KerberosSecurity.isKerberosToken(customTokenValueType)) {
- secRef.addTokenType(customTokenValueType);
- refCust.setValueType(customTokenValueType);
- } else {
- refCust.setValueType(customTokenValueType);
- }
- refCust.setURI("#" + customTokenId);
- secRef.setReference(refCust);
- break;
-
- case WSConstants.CUSTOM_SYMM_SIGNING_DIRECT :
- Reference refCustd = new Reference(document);
- if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- refCustd.setValueType(customTokenValueType);
- } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
- } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
- refCustd.setValueType(customTokenValueType);
- } else if (KerberosSecurity.isKerberosToken(customTokenValueType)) {
- secRef.addTokenType(customTokenValueType);
- refCustd.setValueType(customTokenValueType);
- } else {
- refCustd.setValueType(customTokenValueType);
- }
- refCustd.setURI(customTokenId);
- secRef.setReference(refCustd);
- break;
-
- case WSConstants.CUSTOM_KEY_IDENTIFIER:
- if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.setKeyIdentifier(customTokenValueType, customTokenId);
- secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
- } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.setKeyIdentifier(customTokenValueType, customTokenId);
- secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
- } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
- secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
- } else if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(customTokenValueType)) {
- secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
- secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
- } else if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(customTokenValueType)) {
- secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
- secRef.addTokenType(WSConstants.WSS_GSS_KRB_V5_AP_REQ);
- }
- break;
-
- case WSConstants.KEY_VALUE:
- java.security.PublicKey publicKey = certs[0].getPublicKey();
-
- try {
- KeyValue keyValue = keyInfoFactory.newKeyValue(publicKey);
- keyInfo =
- keyInfoFactory.newKeyInfo(
- java.util.Collections.singletonList(keyValue), keyInfoUri
- );
- } catch (java.security.KeyException ex) {
- log.error("", ex);
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex
- );
- }
- break;
- default:
- throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId");
- }
- }
-
- if (keyIdentifierType != WSConstants.KEY_VALUE) {
- XMLStructure structure = new DOMStructure(secRef.getElement());
- wsDocInfo.addTokenElement(secRef.getElement(), false);
- keyInfo =
- keyInfoFactory.newKeyInfo(
- java.util.Collections.singletonList(structure), keyInfoUri
- );
- }
- }
-
-
- /**
- * Builds a signed soap envelope.
- *
- * This is a convenience method and for backward compatibility. The method
- * creates a Signature and puts it into the Security header. It does so by
- * calling the single functions in order to perform a <i>one shot signature</i>.
- * This method is compatible with the build method of the previous version
- * with the exception of the additional WSSecHeader parameter.
- *
- * @param doc The unsigned SOAP envelope as <code>Document</code>
- * @param cr An instance of the Crypto API to handle keystore and certificates
- * @param secHeader the security header element to hold the encrypted key element.
- * @return A signed SOAP envelope as <code>Document</code>
- * @throws WSSecurityException
- */
- public Document build(Document doc, Crypto cr, WSSecHeader secHeader)
- throws WSSecurityException {
- doDebug = log.isDebugEnabled();
-
- if (doDebug) {
- log.debug("Beginning signing...");
- }
-
- prepare(doc, cr, secHeader);
- if (parts == null) {
- parts = new ArrayList<WSEncryptionPart>(1);
- String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
- WSEncryptionPart encP =
- new WSEncryptionPart(
- WSConstants.ELEM_BODY,
- soapNamespace,
- "Content"
- );
- parts.add(encP);
- } else {
- for (WSEncryptionPart part : parts) {
- if ("STRTransform".equals(part.getName()) && part.getId() == null) {
- part.setId(strUri);
- }
- }
- }
-
- List<javax.xml.crypto.dsig.Reference> referenceList =
- addReferencesToSign(parts, secHeader);
-
- computeSignature(referenceList);
-
- //
- // if we have a BST prepend it in front of the Signature according to
- // strict layout rules.
- //
- if (bstToken != null) {
- prependBSTElementToHeader(secHeader);
- }
-
- return doc;
- }
-
-
- /**
- * This method adds references to the Signature.
- *
- * @param references The list of references to sign
- * @param secHeader The Security Header
- * @throws WSSecurityException
- */
- public List<javax.xml.crypto.dsig.Reference> addReferencesToSign(
- List<WSEncryptionPart> references,
- WSSecHeader secHeader
- ) throws WSSecurityException {
- return
- addReferencesToSign(
- document,
- references,
- wsDocInfo,
- signatureFactory,
- secHeader,
- getWsConfig(),
- digestAlgo
- );
- }
-
- /**
- * Returns the SignatureElement.
- * The method can be called any time after <code>prepare()</code>.
- * @return The DOM Element of the signature.
- */
- public Element getSignatureElement() {
- return
- WSSecurityUtil.getDirectChildElement(
- securityHeader,
- WSConstants.SIG_LN,
- WSConstants.SIG_NS
- );
- }
-
- /**
- * Prepend the BinarySecurityToken to the elements already in the Security
- * header.
- *
- * The method can be called any time after <code>prepare()</code>.
- * This allows to insert the BST element at any position in the Security
- * header.
- *
- * @param secHeader The security header
- */
- public void prependBSTElementToHeader(WSSecHeader secHeader) {
- if (bstToken != null) {
- WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bstToken.getElement());
- }
- bstToken = null;
- }
-
- /**
- * Append the BinarySecurityToken to the security header.
- * @param secHeader The security header
- */
- public void appendBSTElementToHeader(WSSecHeader secHeader) {
- if (bstToken != null) {
- Element secHeaderElement = secHeader.getSecurityHeader();
- secHeaderElement.appendChild(bstToken.getElement());
- }
- bstToken = null;
- }
-
- /**
- * Compute the Signature over the references. The signature element will be
- * prepended to the security header.
- *
- * This method can be called any time after the references were set. See
- * <code>addReferencesToSign()</code>.
- *
- * @param referenceList The list of references to sign
- *
- * @throws WSSecurityException
- */
- public void computeSignature(
- List<javax.xml.crypto.dsig.Reference> referenceList
- ) throws WSSecurityException {
- computeSignature(referenceList, true, null);
- }
-
- /**
- * Compute the Signature over the references.
- *
- * This method can be called any time after the references were set. See
- * <code>addReferencesToSign()</code>.
- *
- * @param referenceList The list of references to sign
- * @param prepend Whether to prepend the signature element to the security header
- * @param siblingElement If prepending, then prepend before this sibling Element
- *
- * @throws WSSecurityException
- */
- public void computeSignature(
- List<javax.xml.crypto.dsig.Reference> referenceList,
- boolean prepend,
- Element siblingElement
- ) throws WSSecurityException {
- try {
- java.security.Key key;
- if (secretKey == null) {
- key = crypto.getPrivateKey(user, password);
- } else {
- key = WSSecurityUtil.prepareSecretKey(sigAlgo, secretKey);
- }
- SignatureMethod signatureMethod =
- signatureFactory.newSignatureMethod(sigAlgo, null);
- SignedInfo signedInfo =
- signatureFactory.newSignedInfo(c14nMethod, signatureMethod, referenceList);
-
- sig = signatureFactory.newXMLSignature(
- signedInfo,
- keyInfo,
- null,
- getWsConfig().getIdAllocator().createId("SIG-", null),
- null);
-
- //
- // Figure out where to insert the signature element
- //
- XMLSignContext signContext = null;
- if (prepend) {
- if (siblingElement == null) {
- Node child = securityHeader.getFirstChild();
- while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
- child = child.getNextSibling();
- }
- siblingElement = (Element)child;
- }
- if (siblingElement == null) {
- signContext = new DOMSignContext(key, securityHeader);
- } else {
- signContext = new DOMSignContext(key, securityHeader, siblingElement);
- }
- } else {
- signContext = new DOMSignContext(key, securityHeader);
- }
-
- signContext.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
- if (WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(canonAlgo)) {
- signContext.putNamespacePrefix(
- WSConstants.C14N_EXCL_OMIT_COMMENTS,
- WSConstants.C14N_EXCL_OMIT_COMMENTS_PREFIX
- );
- }
- signContext.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
- wsDocInfo.setCallbackLookup(callbackLookup);
-
- // Add the elements to sign to the Signature Context
- wsDocInfo.setTokensOnContext((DOMSignContext)signContext);
- if (secRef != null && secRef.getElement() != null) {
- WSSecurityUtil.storeElementInContext((DOMSignContext)signContext, secRef.getElement());
- }
- sig.sign(signContext);
-
- signatureValue = sig.getSignatureValue().getValue();
- } catch (Exception ex) {
- log.error(ex);
- throw new WSSecurityException(
- WSSecurityException.FAILED_SIGNATURE, null, null, ex
- );
- }
- }
-
- /**
- * Set the single cert flag.
- *
- * @param useSingleCert
- */
- public void setUseSingleCertificate(boolean useSingleCert) {
- this.useSingleCert = useSingleCert;
- }
-
- /**
- * Get the single cert flag.
- *
- * @return A boolean if single certificate is set.
- */
- public boolean isUseSingleCertificate() {
- return useSingleCert;
- }
-
- /**
- * Set the name (uri) of the signature encryption algorithm to use.
- *
- * If the algorithm is not set then an automatic detection of the signature
- * algorithm to use is performed during the <code>prepare()</code>
- * method. Refer to WSConstants which algorithms are supported.
- *
- * @param algo the name of the signature algorithm
- * @see WSConstants#RSA
- * @see WSConstants#DSA
- */
- public void setSignatureAlgorithm(String algo) {
- sigAlgo = algo;
- }
-
- /**
- * Get the name (uri) of the signature algorithm that is being used.
- *
- * Call this method after <code>prepare</code> to get the information
- * which signature algorithm was automatically detected if no signature
- * algorithm was preset.
- *
- * @return the identifier URI of the signature algorithm
- */
- public String getSignatureAlgorithm() {
- return sigAlgo;
- }
-
- /**
- * Set the canonicalization method to use.
- *
- * If the canonicalization method is not set then the recommended Exclusive
- * XML Canonicalization is used by default. Refer to WSConstants which
- * algorithms are supported.
- *
- * @param algo Is the name of the signature algorithm
- * @see WSConstants#C14N_OMIT_COMMENTS
- * @see WSConstants#C14N_WITH_COMMENTS
- * @see WSConstants#C14N_EXCL_OMIT_COMMENTS
- * @see WSConstants#C14N_EXCL_WITH_COMMENTS
- */
- public void setSigCanonicalization(String algo) {
- canonAlgo = algo;
- }
-
- /**
- * Get the canonicalization method.
- *
- * If the canonicalization method was not set then Exclusive XML
- * Canonicalization is used by default.
- *
- * @return The string describing the canonicalization algorithm.
- */
- public String getSigCanonicalization() {
- return canonAlgo;
- }
-
- /**
- * @return the digest algorithm to use
- */
- public String getDigestAlgo() {
- return digestAlgo;
- }
-
- /**
- * Set the string that defines which digest algorithm to use.
- * The default is Constants.ALGO_ID_DIGEST_SHA1.
- *
- * @param digestAlgo the digestAlgo to set
- */
- public void setDigestAlgo(String digestAlgo) {
- this.digestAlgo = digestAlgo;
- }
-
-
- /**
- * Returns the computed Signature value.
- *
- * Call this method after <code>computeSignature()</code> or <code>build()</code>
- * methods were called.
- *
- * @return Returns the signatureValue.
- */
- public byte[] getSignatureValue() {
- return signatureValue;
- }
-
- /**
- * Get the id generated during <code>prepare()</code>.
- *
- * Returns the the value of wsu:Id attribute of the Signature element.
- *
- * @return Return the wsu:Id of this token or null if <code>prepare()</code>
- * was not called before.
- */
- public String getId() {
- if (sig == null) {
- return null;
- }
- return sig.getId();
- }
-
- /**
- * Get the id of the BST generated during <code>prepare()</code>.
- *
- * @return Returns the the value of wsu:Id attribute of the
- * BinaruSecurityToken element.
- */
- public String getBSTTokenId() {
- if (bstToken == null) {
- return null;
- }
- return bstToken.getID();
- }
-
- /**
- * Set the secret key to use
- * @param secretKey the secret key to use
- */
- public void setSecretKey(byte[] secretKey) {
- this.secretKey = secretKey;
- }
-
- /**
- * Set the custom token value type to use
- * @param customTokenValueType the custom token value type to use
- */
- public void setCustomTokenValueType(String customTokenValueType) {
- this.customTokenValueType = customTokenValueType;
- }
-
- /**
- * Set the custom token id
- * @param customTokenId the custom token id
- */
- public void setCustomTokenId(String customTokenId) {
- this.customTokenId = customTokenId;
- }
-
- /**
- * Set the encrypted key sha1 value
- * @param encrKeySha1value the encrypted key sha1 value
- */
- public void setEncrKeySha1value(String encrKeySha1value) {
- this.encrKeySha1value = encrKeySha1value;
- }
-
- /**
- * Set the X509 Certificate to use
- * @param cer the X509 Certificate to use
- */
- public void setX509Certificate(X509Certificate cer) {
- this.useThisCert = cer;
- }
-
- /**
- * Returns the BST Token element.
- * The method can be called any time after <code>prepare()</code>.
- * @return the BST Token element
- */
- public Element getBinarySecurityTokenElement() {
- if (bstToken != null) {
- return bstToken.getElement();
- }
- return null;
- }
-
- /**
- * @return the URI associated with the SecurityTokenReference
- * (must be called after {@link #prepare(Document, Crypto, WSSecHeader)}
- */
- public String getSecurityTokenReferenceURI() {
- return strUri;
- }
-
- /**
- * Get the SecurityTokenReference to be used in the KeyInfo element.
- */
- public SecurityTokenReference getSecurityTokenReference() {
- return secRef;
- }
-
- /**
- * Set the SecurityTokenReference to be used in the KeyInfo element. If this
- * method is not called, a SecurityTokenRefence will be generated.
- */
- public void setSecurityTokenReference(SecurityTokenReference secRef) {
- useCustomSecRef = true;
- this.secRef = secRef;
- }
-
- /**
- * Set up the X509 Certificate(s) for signing.
- */
- private X509Certificate[] getSigningCerts() throws WSSecurityException {
- X509Certificate[] certs = null;
- if (!(keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING
- || keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING_DIRECT
- || keyIdentifierType == WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER
- || keyIdentifierType == WSConstants.CUSTOM_KEY_IDENTIFIER)) {
- if (useThisCert == null) {
- CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
- cryptoType.setAlias(user);
- certs = crypto.getX509Certificates(cryptoType);
- } else {
- certs = new X509Certificate[] {useThisCert};
- }
- if (certs == null || certs.length <= 0) {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "noUserCertsFound",
- new Object[] { user, "signature" }
- );
- }
- certUri = getWsConfig().getIdAllocator().createSecureId("X509-", certs[0]);
- //
- // If no signature algorithm was set try to detect it according to the
- // data stored in the certificate.
- //
- if (sigAlgo == null) {
- String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
- log.debug("Automatic signature algorithm detection: " + pubKeyAlgo);
- if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
- sigAlgo = WSConstants.DSA;
- } else if (pubKeyAlgo.equalsIgnoreCase("RSA")) {
- sigAlgo = WSConstants.RSA;
- } else {
- throw new WSSecurityException(
- WSSecurityException.FAILURE,
- "unknownSignatureAlgorithm",
- new Object[] {pubKeyAlgo}
- );
- }
- }
- }
- return certs;
- }
-
-}
Copied: thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java (from rev 17278, thirdparty/wss4j/tags/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java)
===================================================================
--- thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java (rev 0)
+++ thirdparty/wss4j/branches/wss4j-1.6.5_BZ908807/src/main/java/org/apache/ws/security/message/WSSecSignature.java 2013-02-12 16:18:16 UTC (rev 17300)
@@ -0,0 +1,821 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ws.security.message;
+
+import org.apache.ws.security.WSConstants;
+import org.apache.ws.security.WSDocInfo;
+import org.apache.ws.security.WSEncryptionPart;
+import org.apache.ws.security.WSSConfig;
+import org.apache.ws.security.WSSecurityException;
+import org.apache.ws.security.components.crypto.Crypto;
+import org.apache.ws.security.components.crypto.CryptoType;
+import org.apache.ws.security.message.token.BinarySecurity;
+import org.apache.ws.security.message.token.DOMX509Data;
+import org.apache.ws.security.message.token.DOMX509IssuerSerial;
+import org.apache.ws.security.message.token.KerberosSecurity;
+import org.apache.ws.security.message.token.PKIPathSecurity;
+import org.apache.ws.security.message.token.Reference;
+import org.apache.ws.security.message.token.SecurityTokenReference;
+import org.apache.ws.security.message.token.X509Security;
+import org.apache.ws.security.transform.STRTransform;
+import org.apache.ws.security.util.Base64;
+import org.apache.ws.security.util.WSSecurityUtil;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import java.security.NoSuchProviderException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.xml.crypto.XMLStructure;
+import javax.xml.crypto.dom.DOMStructure;
+import javax.xml.crypto.dsig.CanonicalizationMethod;
+import javax.xml.crypto.dsig.SignatureMethod;
+import javax.xml.crypto.dsig.SignedInfo;
+import javax.xml.crypto.dsig.XMLSignature;
+import javax.xml.crypto.dsig.XMLSignatureFactory;
+import javax.xml.crypto.dsig.XMLSignContext;
+import javax.xml.crypto.dsig.dom.DOMSignContext;
+import javax.xml.crypto.dsig.keyinfo.KeyInfo;
+import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
+import javax.xml.crypto.dsig.keyinfo.KeyValue;
+import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
+import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
+
+
+/**
+ * Creates a Signature according to WS Specification, X509 profile.
+ *
+ * This class is a re-factored implementation of the previous WSS4J class
+ * <code>WSSignEnvelope</code>. This new class allows better control of
+ * the process to create a Signature and to add it to the Security header.
+ *
+ * The flexibility and fine granular control is required to implement a handler
+ * that uses WSSecurityPolicy files to control the setup of a Security header.
+ *
+ * @author Davanum Srinivas (dims(a)yahoo.com)
+ * @author Werner Dittmann (werner(a)apache.org)
+ */
+public class WSSecSignature extends WSSecSignatureBase {
+
+ private static org.apache.commons.logging.Log log =
+ org.apache.commons.logging.LogFactory.getLog(WSSecSignature.class);
+
+ protected boolean useSingleCert = true;
+ protected String sigAlgo = null;
+ protected String canonAlgo = WSConstants.C14N_EXCL_OMIT_COMMENTS;
+ protected byte[] signatureValue = null;
+ protected Document document = null;
+ protected WSDocInfo wsDocInfo = null;
+ protected String certUri = null;
+ protected String keyInfoUri = null;
+ protected SecurityTokenReference secRef = null;
+ protected String strUri = null;
+ protected BinarySecurity bstToken = null;
+
+ protected KeyInfoFactory keyInfoFactory;
+ protected XMLSignatureFactory signatureFactory;
+ protected KeyInfo keyInfo;
+ protected CanonicalizationMethod c14nMethod;
+ protected XMLSignature sig;
+ protected byte[] secretKey = null;
+ protected String customTokenValueType;
+ protected String customTokenId;
+
+ private String encrKeySha1value = null;
+ private Crypto crypto = null;
+ private String digestAlgo = WSConstants.SHA1;
+ private X509Certificate useThisCert = null;
+ private Element securityHeader = null;
+ private boolean useCustomSecRef;
+ private boolean bstAddedToSecurityHeader = false;
+
+ public WSSecSignature() {
+ super();
+ init();
+ }
+
+ public WSSecSignature(WSSConfig config) {
+ super(config);
+ init();
+ }
+
+ private void init() {
+ // Try to install the Santuario Provider - fall back to the JDK provider if this does
+ // not work
+ try {
+ signatureFactory = XMLSignatureFactory.getInstance("DOM", "ApacheXMLDSig");
+ } catch (NoSuchProviderException ex) {
+ signatureFactory = XMLSignatureFactory.getInstance("DOM");
+ }
+ try {
+ keyInfoFactory = KeyInfoFactory.getInstance("DOM", "ApacheXMLDSig");
+ } catch (NoSuchProviderException ex) {
+ keyInfoFactory = KeyInfoFactory.getInstance("DOM");
+ }
+ }
+
+ /**
+ * Initialize a WSSec Signature.
+ *
+ * The method sets up and initializes a WSSec Signature structure after the
+ * relevant information was set. After setup of the references to elements
+ * to sign may be added. After all references are added they can be signed.
+ *
+ * This method does not add the Signature element to the security header.
+ * See <code>prependSignatureElementToHeader()</code> method.
+ *
+ * @param doc The SOAP envelope as <code>Document</code>
+ * @param cr An instance of the Crypto API to handle keystore and certificates
+ * @param secHeader The security header that will hold the Signature. This is used
+ * to construct namespace prefixes for Signature. This method
+ * @throws WSSecurityException
+ */
+ public void prepare(Document doc, Crypto cr, WSSecHeader secHeader)
+ throws WSSecurityException {
+ //
+ // Gather some info about the document to process and store it for
+ // retrieval
+ //
+ crypto = cr;
+ document = doc;
+ wsDocInfo = new WSDocInfo(doc);
+ wsDocInfo.setCrypto(cr);
+ securityHeader = secHeader.getSecurityHeader();
+
+ //
+ // At first get the security token (certificate) according to the parameters.
+ //
+ X509Certificate[] certs = getSigningCerts();
+
+ try {
+ C14NMethodParameterSpec c14nSpec = null;
+ if (getWsConfig().isWsiBSPCompliant() && canonAlgo.equals(WSConstants.C14N_EXCL_OMIT_COMMENTS)) {
+ List<String> prefixes =
+ getInclusivePrefixes(secHeader.getSecurityHeader(), false);
+ c14nSpec = new ExcC14NParameterSpec(prefixes);
+ }
+
+ c14nMethod = signatureFactory.newCanonicalizationMethod(canonAlgo, c14nSpec);
+ } catch (Exception ex) {
+ log.error("", ex);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex
+ );
+ }
+
+ keyInfoUri = getWsConfig().getIdAllocator().createSecureId("KI-", keyInfo);
+ if (!useCustomSecRef) {
+ secRef = new SecurityTokenReference(doc);
+ strUri = getWsConfig().getIdAllocator().createSecureId("STR-", secRef);
+ secRef.setID(strUri);
+
+ //
+ // Get an initialized XMLSignature element.
+ //
+
+ //
+ // Prepare and setup the token references for this Signature
+ //
+ switch (keyIdentifierType) {
+ case WSConstants.BST_DIRECT_REFERENCE:
+ Reference ref = new Reference(document);
+ ref.setURI("#" + certUri);
+ if (!useSingleCert) {
+ bstToken = new PKIPathSecurity(document);
+ ((PKIPathSecurity) bstToken).setX509Certificates(certs, crypto);
+ secRef.addTokenType(PKIPathSecurity.PKI_TYPE);
+ } else {
+ bstToken = new X509Security(document);
+ ((X509Security) bstToken).setX509Certificate(certs[0]);
+ }
+ ref.setValueType(bstToken.getValueType());
+ secRef.setReference(ref);
+ bstToken.setID(certUri);
+ wsDocInfo.addTokenElement(bstToken.getElement(), false);
+ break;
+
+ case WSConstants.ISSUER_SERIAL:
+ String issuer = certs[0].getIssuerX500Principal().getName();
+ java.math.BigInteger serialNumber = certs[0].getSerialNumber();
+ DOMX509IssuerSerial domIssuerSerial =
+ new DOMX509IssuerSerial(doc, issuer, serialNumber);
+ DOMX509Data domX509Data = new DOMX509Data(doc, domIssuerSerial);
+ secRef.setX509Data(domX509Data);
+ break;
+
+ case WSConstants.X509_KEY_IDENTIFIER:
+ secRef.setKeyIdentifier(certs[0]);
+ break;
+
+ case WSConstants.SKI_KEY_IDENTIFIER:
+ secRef.setKeyIdentifierSKI(certs[0], crypto);
+ break;
+
+ case WSConstants.THUMBPRINT_IDENTIFIER:
+ secRef.setKeyIdentifierThumb(certs[0]);
+ break;
+
+ case WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER:
+ if (encrKeySha1value != null) {
+ secRef.setKeyIdentifierEncKeySHA1(encrKeySha1value);
+ } else {
+ byte[] digestBytes = WSSecurityUtil.generateDigest(secretKey);
+ secRef.setKeyIdentifierEncKeySHA1(Base64.encode(digestBytes));
+ }
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ break;
+
+ case WSConstants.CUSTOM_SYMM_SIGNING :
+ Reference refCust = new Reference(document);
+ if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ refCust.setValueType(customTokenValueType);
+ } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ refCust.setValueType(customTokenValueType);
+ } else if (KerberosSecurity.isKerberosToken(customTokenValueType)) {
+ secRef.addTokenType(customTokenValueType);
+ refCust.setValueType(customTokenValueType);
+ } else {
+ refCust.setValueType(customTokenValueType);
+ }
+ refCust.setURI("#" + customTokenId);
+ secRef.setReference(refCust);
+ break;
+
+ case WSConstants.CUSTOM_SYMM_SIGNING_DIRECT :
+ Reference refCustd = new Reference(document);
+ if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ refCustd.setValueType(customTokenValueType);
+ } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ refCustd.setValueType(customTokenValueType);
+ } else if (KerberosSecurity.isKerberosToken(customTokenValueType)) {
+ secRef.addTokenType(customTokenValueType);
+ refCustd.setValueType(customTokenValueType);
+ } else {
+ refCustd.setValueType(customTokenValueType);
+ }
+ refCustd.setURI(customTokenId);
+ secRef.setReference(refCustd);
+ break;
+
+ case WSConstants.CUSTOM_KEY_IDENTIFIER:
+ if (WSConstants.WSS_SAML_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId);
+ secRef.addTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);
+ } else if (WSConstants.WSS_SAML2_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId);
+ secRef.addTokenType(WSConstants.WSS_SAML2_TOKEN_TYPE);
+ } else if (WSConstants.WSS_ENC_KEY_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ } else if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(customTokenValueType)) {
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
+ secRef.addTokenType(WSConstants.WSS_ENC_KEY_VALUE_TYPE);
+ } else if (WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(customTokenValueType)) {
+ secRef.setKeyIdentifier(customTokenValueType, customTokenId, true);
+ secRef.addTokenType(WSConstants.WSS_GSS_KRB_V5_AP_REQ);
+ }
+ break;
+
+ case WSConstants.KEY_VALUE:
+ java.security.PublicKey publicKey = certs[0].getPublicKey();
+
+ try {
+ KeyValue keyValue = keyInfoFactory.newKeyValue(publicKey);
+ keyInfo =
+ keyInfoFactory.newKeyInfo(
+ java.util.Collections.singletonList(keyValue), keyInfoUri
+ );
+ } catch (java.security.KeyException ex) {
+ log.error("", ex);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, "noXMLSig", null, ex
+ );
+ }
+ break;
+ default:
+ throw new WSSecurityException(WSSecurityException.FAILURE, "unsupportedKeyId");
+ }
+ }
+
+ if (keyIdentifierType != WSConstants.KEY_VALUE) {
+ XMLStructure structure = new DOMStructure(secRef.getElement());
+ wsDocInfo.addTokenElement(secRef.getElement(), false);
+ keyInfo =
+ keyInfoFactory.newKeyInfo(
+ java.util.Collections.singletonList(structure), keyInfoUri
+ );
+ }
+ }
+
+
+ /**
+ * Builds a signed soap envelope.
+ *
+ * This is a convenience method and for backward compatibility. The method
+ * creates a Signature and puts it into the Security header. It does so by
+ * calling the single functions in order to perform a <i>one shot signature</i>.
+ * This method is compatible with the build method of the previous version
+ * with the exception of the additional WSSecHeader parameter.
+ *
+ * @param doc The unsigned SOAP envelope as <code>Document</code>
+ * @param cr An instance of the Crypto API to handle keystore and certificates
+ * @param secHeader the security header element to hold the encrypted key element.
+ * @return A signed SOAP envelope as <code>Document</code>
+ * @throws WSSecurityException
+ */
+ public Document build(Document doc, Crypto cr, WSSecHeader secHeader)
+ throws WSSecurityException {
+ doDebug = log.isDebugEnabled();
+
+ if (doDebug) {
+ log.debug("Beginning signing...");
+ }
+
+ prepare(doc, cr, secHeader);
+ if (parts == null) {
+ parts = new ArrayList<WSEncryptionPart>(1);
+ String soapNamespace = WSSecurityUtil.getSOAPNamespace(doc.getDocumentElement());
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ WSConstants.ELEM_BODY,
+ soapNamespace,
+ "Content"
+ );
+ parts.add(encP);
+ } else {
+ for (WSEncryptionPart part : parts) {
+ if ("STRTransform".equals(part.getName()) && part.getId() == null) {
+ part.setId(strUri);
+ }
+ }
+ }
+
+ List<javax.xml.crypto.dsig.Reference> referenceList =
+ addReferencesToSign(parts, secHeader);
+
+ computeSignature(referenceList);
+
+ //
+ // if we have a BST prepend it in front of the Signature according to
+ // strict layout rules.
+ //
+ if (bstToken != null) {
+ prependBSTElementToHeader(secHeader);
+ }
+
+ return doc;
+ }
+
+
+ /**
+ * This method adds references to the Signature.
+ *
+ * @param references The list of references to sign
+ * @param secHeader The Security Header
+ * @throws WSSecurityException
+ */
+ public List<javax.xml.crypto.dsig.Reference> addReferencesToSign(
+ List<WSEncryptionPart> references,
+ WSSecHeader secHeader
+ ) throws WSSecurityException {
+ return
+ addReferencesToSign(
+ document,
+ references,
+ wsDocInfo,
+ signatureFactory,
+ secHeader,
+ getWsConfig(),
+ digestAlgo
+ );
+ }
+
+ /**
+ * Returns the SignatureElement.
+ * The method can be called any time after <code>prepare()</code>.
+ * @return The DOM Element of the signature.
+ */
+ public Element getSignatureElement() {
+ return
+ WSSecurityUtil.getDirectChildElement(
+ securityHeader,
+ WSConstants.SIG_LN,
+ WSConstants.SIG_NS
+ );
+ }
+
+ /**
+ * Prepend the BinarySecurityToken to the elements already in the Security
+ * header.
+ *
+ * The method can be called any time after <code>prepare()</code>.
+ * This allows to insert the BST element at any position in the Security
+ * header.
+ *
+ * @param secHeader The security header
+ */
+ public void prependBSTElementToHeader(WSSecHeader secHeader) {
+ if (bstToken != null && !bstAddedToSecurityHeader) {
+ WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bstToken.getElement());
+ bstAddedToSecurityHeader = true;
+ }
+ }
+
+ /**
+ * Append the BinarySecurityToken to the security header.
+ * @param secHeader The security header
+ */
+ public void appendBSTElementToHeader(WSSecHeader secHeader) {
+ if (bstToken != null && !bstAddedToSecurityHeader) {
+ Element secHeaderElement = secHeader.getSecurityHeader();
+ secHeaderElement.appendChild(bstToken.getElement());
+ bstAddedToSecurityHeader = true;
+ }
+ }
+
+ /**
+ * Compute the Signature over the references. The signature element will be
+ * prepended to the security header.
+ *
+ * This method can be called any time after the references were set. See
+ * <code>addReferencesToSign()</code>.
+ *
+ * @param referenceList The list of references to sign
+ *
+ * @throws WSSecurityException
+ */
+ public void computeSignature(
+ List<javax.xml.crypto.dsig.Reference> referenceList
+ ) throws WSSecurityException {
+ computeSignature(referenceList, true, null);
+ }
+
+ /**
+ * Compute the Signature over the references.
+ *
+ * This method can be called any time after the references were set. See
+ * <code>addReferencesToSign()</code>.
+ *
+ * @param referenceList The list of references to sign
+ * @param prepend Whether to prepend the signature element to the security header
+ * @param siblingElement If prepending, then prepend before this sibling Element
+ *
+ * @throws WSSecurityException
+ */
+ public void computeSignature(
+ List<javax.xml.crypto.dsig.Reference> referenceList,
+ boolean prepend,
+ Element siblingElement
+ ) throws WSSecurityException {
+ try {
+ java.security.Key key;
+ if (secretKey == null) {
+ key = crypto.getPrivateKey(user, password);
+ } else {
+ key = WSSecurityUtil.prepareSecretKey(sigAlgo, secretKey);
+ }
+ SignatureMethod signatureMethod =
+ signatureFactory.newSignatureMethod(sigAlgo, null);
+ SignedInfo signedInfo =
+ signatureFactory.newSignedInfo(c14nMethod, signatureMethod, referenceList);
+
+ sig = signatureFactory.newXMLSignature(
+ signedInfo,
+ keyInfo,
+ null,
+ getWsConfig().getIdAllocator().createId("SIG-", null),
+ null);
+
+ //
+ // Figure out where to insert the signature element
+ //
+ XMLSignContext signContext = null;
+ if (prepend) {
+ if (siblingElement == null) {
+ Node child = securityHeader.getFirstChild();
+ while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
+ child = child.getNextSibling();
+ }
+ siblingElement = (Element)child;
+ }
+ if (siblingElement == null) {
+ signContext = new DOMSignContext(key, securityHeader);
+ } else {
+ signContext = new DOMSignContext(key, securityHeader, siblingElement);
+ }
+ } else {
+ signContext = new DOMSignContext(key, securityHeader);
+ }
+
+ signContext.putNamespacePrefix(WSConstants.SIG_NS, WSConstants.SIG_PREFIX);
+ if (WSConstants.C14N_EXCL_OMIT_COMMENTS.equals(canonAlgo)) {
+ signContext.putNamespacePrefix(
+ WSConstants.C14N_EXCL_OMIT_COMMENTS,
+ WSConstants.C14N_EXCL_OMIT_COMMENTS_PREFIX
+ );
+ }
+ signContext.setProperty(STRTransform.TRANSFORM_WS_DOC_INFO, wsDocInfo);
+ wsDocInfo.setCallbackLookup(callbackLookup);
+
+ // Add the elements to sign to the Signature Context
+ wsDocInfo.setTokensOnContext((DOMSignContext)signContext);
+ if (secRef != null && secRef.getElement() != null) {
+ WSSecurityUtil.storeElementInContext((DOMSignContext)signContext, secRef.getElement());
+ }
+ sig.sign(signContext);
+
+ signatureValue = sig.getSignatureValue().getValue();
+ } catch (Exception ex) {
+ log.error(ex);
+ throw new WSSecurityException(
+ WSSecurityException.FAILED_SIGNATURE, null, null, ex
+ );
+ }
+ }
+
+ /**
+ * Set the single cert flag.
+ *
+ * @param useSingleCert
+ */
+ public void setUseSingleCertificate(boolean useSingleCert) {
+ this.useSingleCert = useSingleCert;
+ }
+
+ /**
+ * Get the single cert flag.
+ *
+ * @return A boolean if single certificate is set.
+ */
+ public boolean isUseSingleCertificate() {
+ return useSingleCert;
+ }
+
+ /**
+ * Set the name (uri) of the signature encryption algorithm to use.
+ *
+ * If the algorithm is not set then an automatic detection of the signature
+ * algorithm to use is performed during the <code>prepare()</code>
+ * method. Refer to WSConstants which algorithms are supported.
+ *
+ * @param algo the name of the signature algorithm
+ * @see WSConstants#RSA
+ * @see WSConstants#DSA
+ */
+ public void setSignatureAlgorithm(String algo) {
+ sigAlgo = algo;
+ }
+
+ /**
+ * Get the name (uri) of the signature algorithm that is being used.
+ *
+ * Call this method after <code>prepare</code> to get the information
+ * which signature algorithm was automatically detected if no signature
+ * algorithm was preset.
+ *
+ * @return the identifier URI of the signature algorithm
+ */
+ public String getSignatureAlgorithm() {
+ return sigAlgo;
+ }
+
+ /**
+ * Set the canonicalization method to use.
+ *
+ * If the canonicalization method is not set then the recommended Exclusive
+ * XML Canonicalization is used by default. Refer to WSConstants which
+ * algorithms are supported.
+ *
+ * @param algo Is the name of the signature algorithm
+ * @see WSConstants#C14N_OMIT_COMMENTS
+ * @see WSConstants#C14N_WITH_COMMENTS
+ * @see WSConstants#C14N_EXCL_OMIT_COMMENTS
+ * @see WSConstants#C14N_EXCL_WITH_COMMENTS
+ */
+ public void setSigCanonicalization(String algo) {
+ canonAlgo = algo;
+ }
+
+ /**
+ * Get the canonicalization method.
+ *
+ * If the canonicalization method was not set then Exclusive XML
+ * Canonicalization is used by default.
+ *
+ * @return The string describing the canonicalization algorithm.
+ */
+ public String getSigCanonicalization() {
+ return canonAlgo;
+ }
+
+ /**
+ * @return the digest algorithm to use
+ */
+ public String getDigestAlgo() {
+ return digestAlgo;
+ }
+
+ /**
+ * Set the string that defines which digest algorithm to use.
+ * The default is Constants.ALGO_ID_DIGEST_SHA1.
+ *
+ * @param digestAlgo the digestAlgo to set
+ */
+ public void setDigestAlgo(String digestAlgo) {
+ this.digestAlgo = digestAlgo;
+ }
+
+
+ /**
+ * Returns the computed Signature value.
+ *
+ * Call this method after <code>computeSignature()</code> or <code>build()</code>
+ * methods were called.
+ *
+ * @return Returns the signatureValue.
+ */
+ public byte[] getSignatureValue() {
+ return signatureValue;
+ }
+
+ /**
+ * Get the id generated during <code>prepare()</code>.
+ *
+ * Returns the the value of wsu:Id attribute of the Signature element.
+ *
+ * @return Return the wsu:Id of this token or null if <code>prepare()</code>
+ * was not called before.
+ */
+ public String getId() {
+ if (sig == null) {
+ return null;
+ }
+ return sig.getId();
+ }
+
+ /**
+ * Get the id of the BST generated during <code>prepare()</code>.
+ *
+ * @return Returns the the value of wsu:Id attribute of the
+ * BinaruSecurityToken element.
+ */
+ public String getBSTTokenId() {
+ if (bstToken == null) {
+ return null;
+ }
+ return bstToken.getID();
+ }
+
+ /**
+ * Set the secret key to use
+ * @param secretKey the secret key to use
+ */
+ public void setSecretKey(byte[] secretKey) {
+ this.secretKey = secretKey;
+ }
+
+ /**
+ * Set the custom token value type to use
+ * @param customTokenValueType the custom token value type to use
+ */
+ public void setCustomTokenValueType(String customTokenValueType) {
+ this.customTokenValueType = customTokenValueType;
+ }
+
+ /**
+ * Set the custom token id
+ * @param customTokenId the custom token id
+ */
+ public void setCustomTokenId(String customTokenId) {
+ this.customTokenId = customTokenId;
+ }
+
+ /**
+ * Set the encrypted key sha1 value
+ * @param encrKeySha1value the encrypted key sha1 value
+ */
+ public void setEncrKeySha1value(String encrKeySha1value) {
+ this.encrKeySha1value = encrKeySha1value;
+ }
+
+ /**
+ * Set the X509 Certificate to use
+ * @param cer the X509 Certificate to use
+ */
+ public void setX509Certificate(X509Certificate cer) {
+ this.useThisCert = cer;
+ }
+
+ /**
+ * Returns the BST Token element.
+ * The method can be called any time after <code>prepare()</code>.
+ * @return the BST Token element
+ */
+ public Element getBinarySecurityTokenElement() {
+ if (bstToken != null) {
+ return bstToken.getElement();
+ }
+ return null;
+ }
+
+ /**
+ * @return the URI associated with the SecurityTokenReference
+ * (must be called after {@link #prepare(Document, Crypto, WSSecHeader)}
+ */
+ public String getSecurityTokenReferenceURI() {
+ return strUri;
+ }
+
+ /**
+ * Get the SecurityTokenReference to be used in the KeyInfo element.
+ */
+ public SecurityTokenReference getSecurityTokenReference() {
+ return secRef;
+ }
+
+ /**
+ * Set the SecurityTokenReference to be used in the KeyInfo element. If this
+ * method is not called, a SecurityTokenRefence will be generated.
+ */
+ public void setSecurityTokenReference(SecurityTokenReference secRef) {
+ useCustomSecRef = true;
+ this.secRef = secRef;
+ }
+
+ /**
+ * Set up the X509 Certificate(s) for signing.
+ */
+ private X509Certificate[] getSigningCerts() throws WSSecurityException {
+ X509Certificate[] certs = null;
+ if (!(keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING
+ || keyIdentifierType == WSConstants.CUSTOM_SYMM_SIGNING_DIRECT
+ || keyIdentifierType == WSConstants.ENCRYPTED_KEY_SHA1_IDENTIFIER
+ || keyIdentifierType == WSConstants.CUSTOM_KEY_IDENTIFIER)) {
+ if (useThisCert == null) {
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ cryptoType.setAlias(user);
+ certs = crypto.getX509Certificates(cryptoType);
+ } else {
+ certs = new X509Certificate[] {useThisCert};
+ }
+ if (certs == null || certs.length <= 0) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "noUserCertsFound",
+ new Object[] { user, "signature" }
+ );
+ }
+ certUri = getWsConfig().getIdAllocator().createSecureId("X509-", certs[0]);
+ //
+ // If no signature algorithm was set try to detect it according to the
+ // data stored in the certificate.
+ //
+ if (sigAlgo == null) {
+ String pubKeyAlgo = certs[0].getPublicKey().getAlgorithm();
+ log.debug("Automatic signature algorithm detection: " + pubKeyAlgo);
+ if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
+ sigAlgo = WSConstants.DSA;
+ } else if (pubKeyAlgo.equalsIgnoreCase("RSA")) {
+ sigAlgo = WSConstants.RSA;
+ } else {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE,
+ "unknownSignatureAlgorithm",
+ new Object[] {pubKeyAlgo}
+ );
+ }
+ }
+ }
+ return certs;
+ }
+
+}
JBossWS SVN: r17299 - in thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628: rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws and 1 other directory.
by jbossws-commits@lists.jboss.org
Author: mmusaji
Date: 2013-02-12 09:25:18 -0500 (Tue, 12 Feb 2013)
New Revision: 17299
Modified:
thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628/
thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/WrapperClassGenerator.java
Log:
[JBPAPP-10628] Changes to ensure @XmlJavaTypeAdapter is picked up at the package-info level
Property changes on: thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628
Added: svn:mergeinfo
+ /thirdparty/cxf/branches/cxf-2.2.12-patch02_JBPAPP-10208:16915
Modified: thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/WrapperClassGenerator.java
===================================================================
--- thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/WrapperClassGenerator.java 2013-02-12 14:24:29 UTC (rev 17298)
+++ thirdparty/cxf/branches/cxf-2.2.12-patch-04_JBPAPP-10628/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/WrapperClassGenerator.java 2013-02-12 14:25:18 UTC (rev 17299)
@@ -38,6 +38,7 @@
import javax.xml.bind.annotation.XmlMimeType;
import javax.xml.bind.annotation.XmlNsForm;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapters;
import javax.xml.namespace.QName;
import javax.xml.ws.Holder;
@@ -262,11 +263,47 @@
getClassCode(XmlNsForm.class),
q ? "QUALIFIED" : "UNQUALIFIED");
av0.visitEnd();
+
+ if (clz.getPackage() != null && clz.getPackage().getAnnotations() != null) {
+ for (Annotation ann : clz.getPackage().getAnnotations()) {
+ if (ann instanceof XmlJavaTypeAdapters) {
+ av0 = cw.visitAnnotation("Ljavax/xml/bind/annotation/adapters/XmlJavaTypeAdapters;",
+ true);
+ generateXmlJavaTypeAdapters(av0, (XmlJavaTypeAdapters)ann);
+ av0.visitEnd();
+ } else if (ann instanceof XmlJavaTypeAdapter) {
+ av0 = cw.visitAnnotation("Ljavax/xml/bind/annotation/adapters/XmlJavaTypeAdapter;",
+ true);
+ generateXmlJavaTypeAdapter(av0, (XmlJavaTypeAdapter)ann);
+ av0.visitEnd();
+ }
+ }
+ }
cw.visitEnd();
-
+
loadClass(className, clz, cw.toByteArray());
}
+ private void generateXmlJavaTypeAdapters(AnnotationVisitor av, XmlJavaTypeAdapters adapters) {
+ AnnotationVisitor av1 = av.visitArray("value");
+
+ for (XmlJavaTypeAdapter adapter : adapters.value()) {
+ AnnotationVisitor av2
+ = av1.visitAnnotation(null, "Ljavax/xml/bind/annotation/adapters/XmlJavaTypeAdapter;");
+ generateXmlJavaTypeAdapter(av2, adapter);
+ av2.visitEnd();
+ }
+ av1.visitEnd();
+ }
+ private void generateXmlJavaTypeAdapter(AnnotationVisitor av, XmlJavaTypeAdapter adapter) {
+ if (adapter.value() != null) {
+ av.visit("value", org.objectweb.asm.Type.getType(getClassCode(adapter.value())));
+ }
+ if (adapter.type() != javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter.DEFAULT.class) {
+ av.visit("type", org.objectweb.asm.Type.getType(getClassCode(adapter.type())));
+ }
+ }
+
private void generateMessagePart(ClassWriter cw, MessagePartInfo mpi, Method method, String className) {
if (Boolean.TRUE.equals(mpi.getProperty(ReflectionServiceFactoryBean.HEADER))) {
return;
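Review bot: The two new helpers, generateXmlJavaTypeAdapters and generateXmlJavaTypeAdapter, carry no Javadoc and no blank line before their signatures, unlike the surrounding private methods in this file; a one-liner on each would do, e.g. `/** Emits an @XmlJavaTypeAdapters annotation with one nested @XmlJavaTypeAdapter per entry of {@code adapters.value()}. */` and `/** Emits the value/type members of an @XmlJavaTypeAdapter, omitting type when it is the DEFAULT marker. */`. The guard `clz.getPackage().getAnnotations() != null` is redundant, since Package.getAnnotations() returns an empty array rather than null, and `adapter.value() != null` is likewise always true for an annotation member; both are harmless but suggest a null contract that does not exist. The descriptor literal `"Ljavax/xml/bind/annotation/adapters/XmlJavaTypeAdapter;"` now appears three times in this hunk, so a `private static final String` constant would keep them in step. The method that the first part of the hunk patches (the one ending with cw.visitEnd and loadClass) begins outside the hunk.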
@@ -373,13 +410,7 @@
av0.visitEnd();
} else if (ann instanceof XmlJavaTypeAdapter) {
av0 = fv.visitAnnotation("Ljavax/xml/bind/annotation/adapters/XmlJavaTypeAdapter;", true);
- XmlJavaTypeAdapter adapter = (XmlJavaTypeAdapter)ann;
- if (adapter.value() != null) {
- av0.visit("value", org.objectweb.asm.Type.getType(getClassCode(adapter.value())));
- }
- if (adapter.type() != javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter.DEFAULT.class) {
- av0.visit("type", org.objectweb.asm.Type.getType(getClassCode(adapter.type())));
- }
+ generateXmlJavaTypeAdapter(av0, (XmlJavaTypeAdapter)ann);
av0.visitEnd();
} else if (ann instanceof XmlAttachmentRef) {
av0 = fv.visitAnnotation("Ljavax/xml/bind/annotation/XmlAttachmentRef;", true);