This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch 1_6
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-sandesha.git
commit cf0b75558320b45615fd9299fadce98d08e79cb5
Author: Sagara Gunathunga <sag...@apache.org>
AuthorDate: Thu Mar 1 13:25:54 2012 +0000
Merged r1241032 to the 1.6 branch.
---
.../org/apache/sandesha2/interop/PWCallback.java | 14 ++++++-------
.../rampart/RampartBasedSecurityManager.java | 24 +++++++++++++---------
2 files changed, 21 insertions(+), 17 deletions(-)
diff --git
a/modules/interop/src/main/java/org/apache/sandesha2/interop/PWCallback.java
b/modules/interop/src/main/java/org/apache/sandesha2/interop/PWCallback.java
index 59eccb1..24a5e70 100644
--- a/modules/interop/src/main/java/org/apache/sandesha2/interop/PWCallback.java
+++ b/modules/interop/src/main/java/org/apache/sandesha2/interop/PWCallback.java
@@ -108,13 +108,13 @@ public class PWCallback implements CallbackHandler {
if (pc.getUsage() ==
WSPasswordCallback.USERNAME_TOKEN_UNKNOWN) {
- if(pc.getIdentifer().equals("Ron") &&
pc.getPassword().equals("noR")) {
+ if(pc.getIdentifier().equals("Ron") &&
pc.getPassword().equals("noR")) {
return;
}
- if(pc.getIdentifer().equals("joe") &&
pc.getPassword().equals("eoj")) {
+ if(pc.getIdentifier().equals("joe") &&
pc.getPassword().equals("eoj")) {
return;
@@ -148,23 +148,23 @@ public class PWCallback implements CallbackHandler {
pc.setKey(key);
- } else if(pc.getIdentifer().equals("alice")) {
+ } else if(pc.getIdentifier().equals("alice")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("bob")) {
+ } else if(pc.getIdentifier().equals("bob")) {
pc.setPassword("password");
- } else if(pc.getIdentifer().equals("Ron")) {
+ } else if(pc.getIdentifier().equals("Ron")) {
pc.setPassword("noR");
- } else if(pc.getIdentifer().equals("joe")) {
+ } else if(pc.getIdentifier().equals("joe")) {
pc.setPassword("eoj");
- } else if(pc.getIdentifer().equals("ip")) {
+ } else if(pc.getIdentifier().equals("ip")) {
pc.setPassword("password");
diff --git
a/modules/rampart-integration/src/main/java/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
b/modules/rampart-integration/src/main/java/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
index 799dae3..b0876fd 100644
---
a/modules/rampart-integration/src/main/java/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
+++
b/modules/rampart-integration/src/main/java/org/apache/sandesha2/security/rampart/RampartBasedSecurityManager.java
@@ -91,8 +91,8 @@ public class RampartBasedSecurityManager extends
SecurityManager {
OMElement messagePart, MessageContext message)
throws SandeshaException {
- Vector results = null;
- if ((results = (Vector) message
+ List<WSHandlerResult> results = null;
+ if ((results = (List<WSHandlerResult>) message
.getProperty(WSHandlerConstants.RECV_RESULTS))
== null) {
String msg = SandeshaMessageHelper
.getMessage(SandeshaMessageKeys.noSecurityResults);
@@ -100,17 +100,17 @@ public class RampartBasedSecurityManager extends
SecurityManager {
} else {
boolean verified = false;
for (int i = 0; i < results.size() && !verified; i++) {
- WSHandlerResult rResult = (WSHandlerResult)
results.get(i);
- Vector wsSecEngineResults =
rResult.getResults();
+ WSHandlerResult rResult = results.get(i);
+ List<WSSecurityEngineResult> wsSecEngineResults
= rResult.getResults();
for (int j = 0; j < wsSecEngineResults.size()
&& !verified; j++) {
- WSSecurityEngineResult wser =
(WSSecurityEngineResult) wsSecEngineResults
+ WSSecurityEngineResult wser =
wsSecEngineResults
.get(j);
- if (wser.getAction() == WSConstants.SIGN
- && wser.getPrincipal()
!= null) {
+ if
((Integer)wser.get(WSSecurityEngineResult.TAG_ACTION) == WSConstants.SIGN
+ &&
wser.get(WSSecurityEngineResult.TAG_PRINCIPAL) != null) {
// first verify the base token
- Principal principal =
wser.getPrincipal();
+ Principal principal =
(Principal)wser.get(WSSecurityEngineResult.TAG_PRINCIPAL);
if (principal instanceof
WSDerivedKeyTokenPrincipal) {
//Get the id of the SCT
that was used to create the DKT
String baseTokenId =
((WSDerivedKeyTokenPrincipal) principal)
@@ -145,9 +145,13 @@ public class RampartBasedSecurityManager extends
SecurityManager {
OMAttribute idattr = messagePart
.getAttribute(new QName(
WSConstants.WSU_NS, "Id"));
-
verified = wser.getSignedElements()
+ String processedId =
(String)wser.get(WSSecurityEngineResult.TAG_ID);
+
+ // Please review following code
+ verified =
processedId.equals(idattr.getAttributeValue());
+
/*verified = wser.getSignedElements()
.contains(
-
idattr.getAttributeValue());
+
idattr.getAttributeValue());*/
if
(verified) {
break;
}
