Author: alessio.soldano(a)jboss.com
Date: 2010-05-14 11:08:02 -0400 (Fri, 14 May 2010)
New Revision: 12237
Modified:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AuthenticationManagerLoader.java
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/ServerUsernamePasswordCallback.java
Log:
[JBWS-2210] Minor changes
Modified:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AuthenticationManagerLoader.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AuthenticationManagerLoader.java 2010-05-14
11:43:43 UTC (rev 12236)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/AuthenticationManagerLoader.java 2010-05-14
15:08:02 UTC (rev 12237)
@@ -21,8 +21,6 @@
*/
package org.jboss.wsf.stack.cxf.security.authentication;
-import java.util.Hashtable;
-
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
Modified:
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java
===================================================================
---
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-05-14
11:43:43 UTC (rev 12236)
+++
stack/cxf/trunk/modules/server/src/main/java/org/jboss/wsf/stack/cxf/security/authentication/SubjectCreatingInterceptor.java 2010-05-14
15:08:02 UTC (rev 12237)
@@ -21,22 +21,16 @@
*/
package org.jboss.wsf.stack.cxf.security.authentication;
-import java.util.Calendar;
+import java.security.Principal;
import java.util.Collections;
import java.util.Map;
-import java.security.Principal;
-import java.security.acl.Group;
import javax.security.auth.Subject;
-import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.ws.security.wss4j.AbstractUsernameTokenAuthenticatingInterceptor;
-
import org.jboss.logging.Logger;
-
import org.jboss.security.AuthenticationManager;
-
import org.jboss.wsf.spi.SPIProvider;
import org.jboss.wsf.spi.SPIProviderResolver;
import org.jboss.wsf.spi.invocation.SecurityAdaptor;
@@ -51,9 +45,6 @@
public class SubjectCreatingInterceptor extends
AbstractUsernameTokenAuthenticatingInterceptor
{
private static final Logger log = Logger.getLogger(SubjectCreatingInterceptor.class);
- private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
-
- // private NonceStore nonceStore;
private SecurityAdaptorFactory secAdaptorFactory;
public SubjectCreatingInterceptor()
@@ -91,7 +82,7 @@
// verify timestamp and nonce if digest
if (isDigest)
{
- verifyUsernameToken(nonce, created);
+ //verifyUsernameToken(nonce, created);
// CallbackHandler cb = new UsernameTokenCallbackHandler(nonce, created);
// CallbackHandlerPolicyContextHandler.setCaallbackHandler(cb);
}
@@ -124,21 +115,26 @@
return subject;
}
+ /** TODO: JBWS-3028
+ private static final int TIMESTAMP_FRESHNESS_THRESHOLD = 300;
+ private NonceStore nonceStore;
+
private void verifyUsernameToken(String nonce, String created)
{
-// if (created != null)
-// {
-// Calendar cal = SimpleTypeBindings.unmarshalDateTime(created);
-// Calendar ref = Calendar.getInstance();
-// ref.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
-// if (ref.after(cal))
-// throw new SecurityException("Request rejected since a stale timestamp
has been provided: " + created);
-// }
-//
-// if (nonce != null)
-// {
-// if (nonceStore.hasNonce(nonce))
-// throw new SecurityException("Request rejected since a message with the
same nonce has been recently received; nonce = " + nonce);
-// }
+ if (created != null)
+ {
+ Calendar cal = SimpleTypeBindings.unmarshalDateTime(created);
+ Calendar ref = Calendar.getInstance();
+ ref.add(Calendar.SECOND, -TIMESTAMP_FRESHNESS_THRESHOLD);
+ if (ref.after(cal))
+ throw new SecurityException("Request rejected since a stale timestamp
has been provided: " + created);
+ }
+
+ if (nonce != null)
+ {
+ if (nonceStore.hasNonce(nonce))
+ throw new SecurityException("Request rejected since a message with the
same nonce has been recently received; nonce = " + nonce);
+ }
}
+ */
}
Modified:
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/ServerUsernamePasswordCallback.java
===================================================================
---
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/ServerUsernamePasswordCallback.java 2010-05-14
11:43:43 UTC (rev 12236)
+++
stack/cxf/trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/ServerUsernamePasswordCallback.java 2010-05-14
15:08:02 UTC (rev 12237)
@@ -33,7 +33,7 @@
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
{
WSPasswordCallback pc = (WSPasswordCallback)callbacks[0];
- if (!("kermit".equals(pc.getIdentifer()) &&
"thefrog".equals(pc.getPassword())))
- throw new SecurityException("User '" + pc.getIdentifer() +
"' with password '" + pc.getPassword() + "' not
allowed.");
+ if (!("kermit".equals(pc.getIdentifier()) &&
"thefrog".equals(pc.getPassword())))
+ throw new SecurityException("User '" + pc.getIdentifier() +
"' with password '" + pc.getPassword() + "' not
allowed.");
}
}
Show replies by date