Author: alessio.soldano(a)jboss.com
Date: 2008-02-20 13:59:33 -0500 (Wed, 20 Feb 2008)
New Revision: 5754
Added:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureKeysAssociation.java
Modified:
stack/native/trunk/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/Constants.java
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureVerificationOperation.java
Log:
[JBWS-1814] Better implementation, fixes regression on hudson
Modified:
stack/native/trunk/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java 2008-02-20
17:02:34 UTC (rev 5753)
+++
stack/native/trunk/src/main/java/org/jboss/ws/core/utils/ThreadLocalAssociation.java 2008-02-20
18:59:33 UTC (rev 5754)
@@ -23,6 +23,8 @@
// $Id$
+import java.security.PublicKey;
+import java.util.List;
import java.util.Stack;
import org.jboss.ws.core.CommonMessageContext;
@@ -47,6 +49,11 @@
* @see org.jboss.ws.extensions.security.STRTransform
*/
private static ThreadLocal<SecurityStore> strTransformAssoc = new
ThreadLocal<SecurityStore>();
+
+ /**
+ * Public keys used to sign incoming message
+ */
+ private static ThreadLocal<List<PublicKey>> signatureKeysAssoc = new
ThreadLocal<List<PublicKey>>();
public static ThreadLocal<Stack<CommonMessageContext>>
localMsgContextAssoc()
{
@@ -57,10 +64,16 @@
{
return strTransformAssoc;
}
+
+ public static ThreadLocal<List<PublicKey>> localSignatureKeysAssoc()
+ {
+ return signatureKeysAssoc;
+ }
public static void clear()
{
msgContextAssoc.remove();
strTransformAssoc.remove();
+ signatureKeysAssoc.remove();
}
}
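Review bot: Nothing in this hunk documents that `clear()` is now the only thing that drops the recorded signer keys, and the new `signatureKeysAssoc` lives as long as the thread rather than one message. On a pooled worker thread, a request path that skips `clear()` would leave the previous caller's keys in place. The changed lookup in EncryptionOperation, fed by `saveKey` in the new SignatureKeysAssociation, would then choose the certificate for an unrelated response from those stale keys. Whether every request path reaches `clear()` is not visible here, so I would state the contract in Javadoc on `clear()`: `Must be called in a finally block at the end of every request; otherwise signature keys leak into the next request served by this thread.` The class body starts outside this hunk.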
Modified:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/Constants.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/Constants.java 2008-02-20
17:02:34 UTC (rev 5753)
+++
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/Constants.java 2008-02-20
18:59:33 UTC (rev 5754)
@@ -71,6 +71,4 @@
public static final String XENC_CONTENT_TYPE = EncryptionConstants.TYPE_CONTENT;
public static final QName WSSE_HEADER_QNAME = new QName(WSSE_NS,
"Security");
-
- public static final String SIGNATURE_KEYS =
"org.jboss.ws.wsse.signaturePublicKeys";
}
Modified:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2008-02-20
17:02:34 UTC (rev 5753)
+++
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/EncryptionOperation.java 2008-02-20
18:59:33 UTC (rev 5754)
@@ -37,7 +37,6 @@
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.jboss.util.NotImplementedException;
-import org.jboss.ws.core.soap.MessageContextAssociation;
import org.jboss.ws.extensions.security.element.EncryptedKey;
import org.jboss.ws.extensions.security.element.Reference;
import org.jboss.ws.extensions.security.element.ReferenceList;
@@ -189,7 +188,7 @@
}
else
{
- List<PublicKey> publicKeys =
(List<PublicKey>)MessageContextAssociation.peekMessageContext().get(Constants.SIGNATURE_KEYS);
+ List<PublicKey> publicKeys = SignatureKeysAssociation.getPublicKeys();
if (publicKeys != null && publicKeys.size() == 1)
cert = store.getCertificateByPublicKey(publicKeys.iterator().next());
if (cert == null)
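Review bot: The `publicKeys.size() == 1` test counts list entries rather than distinct keys, and `SignatureKeysAssociation.saveKey` appends once per verified signature. A message carrying two signatures made with the same key would therefore yield a two-element list and skip the certificate lookup, falling through to the `cert == null` branch. If that is not intended, de-duplicating at the source is the smaller change: `if (!pkList.contains(key)) pkList.add(key);` in `saveKey`, assuming the `PublicKey` implementations in use define `equals`. The enclosing method starts and ends outside this hunk, so what the `cert == null` branch does is not visible.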
Added:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureKeysAssociation.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureKeysAssociation.java
(rev 0)
+++
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureKeysAssociation.java 2008-02-20
18:59:33 UTC (rev 5754)
@@ -0,0 +1,57 @@
+/*
+* JBoss, Home of Professional Open Source
+* Copyright 2005, JBoss Inc., and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.ws.extensions.security;
+
+//$Id$
+
+import java.security.PublicKey;
+import java.util.LinkedList;
+import java.util.List;
+
+import org.jboss.ws.core.utils.ThreadLocalAssociation;
+
+/**
+ * This is used to save the public keys an incoming message is signed with;
+ * this is achieved using the a thread local list and is used by the encryption
+ * operation when handling the outbound message.
+ *
+ * @author alessio.soldano(a)jboss.com
+ * @since 20-Feb-2008
+ */
+public class SignatureKeysAssociation
+{
+ public static List<PublicKey> getPublicKeys()
+ {
+ return ThreadLocalAssociation.localSignatureKeysAssoc().get();
+ }
+
+ public static void saveKey(PublicKey key)
+ {
+ List<PublicKey> pkList =
ThreadLocalAssociation.localSignatureKeysAssoc().get();
+ if (pkList == null)
+ {
+ pkList = new LinkedList<PublicKey>();
+ ThreadLocalAssociation.localSignatureKeysAssoc().set(pkList);
+ }
+ pkList.add(key);
+ }
+}
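Review bot: `getPublicKeys()` returns the live thread-local list, so any caller can add or remove keys that EncryptionOperation later uses to select a certificate. Returning a read-only view keeps the list under this class's control and preserves the null result the caller already checks: `List<PublicKey> keys = ThreadLocalAssociation.localSignatureKeysAssoc().get();` followed by `return keys == null ? null : Collections.unmodifiableList(keys);`, with `java.util.Collections` imported. Both public methods also lack Javadoc; `saveKey` should say it must only be given a key whose signature has already been verified, and `getPublicKeys` should say it may return null. The class comment has a small typo, `using the a thread local list`.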
Property changes on:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureKeysAssociation.java
___________________________________________________________________
Name: svn:keywords
+ Id Revision
Name: svn:eol-style
+ LF
Modified:
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureVerificationOperation.java
===================================================================
---
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureVerificationOperation.java 2008-02-20
17:02:34 UTC (rev 5753)
+++
stack/native/trunk/src/main/java/org/jboss/ws/extensions/security/SignatureVerificationOperation.java 2008-02-20
18:59:33 UTC (rev 5754)
@@ -21,18 +21,13 @@
*/
package org.jboss.ws.extensions.security;
-import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collection;
-import java.util.LinkedList;
-import java.util.List;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.SignedInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
-import org.jboss.ws.core.CommonMessageContext;
-import org.jboss.ws.core.soap.MessageContextAssociation;
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.SecurityProcess;
import org.jboss.ws.extensions.security.element.Signature;
@@ -65,7 +60,7 @@
if (! xmlSig.checkSignatureValue(signature.getPublicKey()))
throw new FailedCheckException("Signature is invalid.");
- savePublicKey(signature.getPublicKey());
+ SignatureKeysAssociation.saveKey(signature.getPublicKey());
}
catch (XMLSignatureException e)
{
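Review bot: The replacement call carries no comment, while the Javadoc that explained its purpose is deleted together with `savePublicKey` further down. The ordering is security-relevant: the key must be recorded only after `checkSignatureValue` has passed, because EncryptionOperation later uses it to choose the response certificate. I would add above the call `// Record the key only after the signature verified; EncryptionOperation uses it to pick the response certificate.` so that a later refactoring does not move it ahead of the check. The try block starts outside this hunk.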
@@ -95,24 +90,4 @@
return processed;
}
-
- /**
- * Save the public key the incoming message was signed with into the context;
- * this way it could be retrieved and used by the encryption operation
- * when handling the outbound message.
- *
- * @param key
- */
- @SuppressWarnings("unchecked")
- private void savePublicKey(PublicKey key)
- {
- CommonMessageContext ctx = MessageContextAssociation.peekMessageContext();
- List<PublicKey> pkList =
(List<PublicKey>)ctx.get(Constants.SIGNATURE_KEYS);
- if (pkList == null)
- {
- pkList = new LinkedList<PublicKey>();
- ctx.put(Constants.SIGNATURE_KEYS, pkList);
- }
- pkList.add(key);
- }
}