perfsonar-dev - perfsonar: r3062 - trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens
Subject: perfsonar development work
perfsonar: r3062 - trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens
- From:
- To:
- Subject: perfsonar: r3062 - trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens
- Date: Wed, 21 Nov 2007 05:36:38 -0500
Author: rodriguez
Date: 2007-11-21 05:36:37 -0500 (Wed, 21 Nov 2007)
New Revision: 3062
Modified:
trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens/SecTokenSOAPManager.java
Log:
Fixing a bug...
Modified:
trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens/SecTokenSOAPManager.java
===================================================================
---
trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens/SecTokenSOAPManager.java
2007-11-21 10:18:39 UTC (rev 3061)
+++
trunk/perfsonar_base/src/main/java/org/perfsonar/service/base/authn/tokens/SecTokenSOAPManager.java
2007-11-21 10:36:37 UTC (rev 3062)
@@ -6,6 +6,7 @@
import javax.xml.namespace.NamespaceContext;
import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPHeaderElement;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
@@ -17,6 +18,7 @@
import org.apache.ws.security.WSSecurityEngine;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.util.Base64;
+import org.opensaml.SAMLAssertion;
import org.perfsonar.base.auxiliary.AuxiliaryComponentManager;
import org.perfsonar.base.auxiliary.ComponentNames;
import org.perfsonar.base.auxiliary.components.authn.DynamicCrypto;
@@ -24,6 +26,7 @@
import org.perfsonar.base.exceptions.PerfSONARException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
public class SecTokenSOAPManager implements SecTokenManager {
@@ -71,36 +74,55 @@
public Object getSTValue() throws PerfSONARException {
if (!hasSTInRequest())
return null;
+ Object res=null;
SOAPHeader sh=(SOAPHeader)getSTFromRequest();
-
- try {
- Document doc=sh.getAsDocument();
- Crypto crypto = new DynamicCrypto();
- WSSecurityEngine secEngine = new WSSecurityEngine();
- // If there is any problem validating the SOAP header, it
throws an exception
- secEngine.processSecurityHeader(doc, null, null, crypto);
+ Iterator it=sh.examineAllHeaderElements();
+ while (it.hasNext()) {
+ SOAPHeaderElement he=(SOAPHeaderElement)it.next();
+ Node assertion=he.getFirstChild();
+ if (assertion.getNodeName().equals("saml:Assertion"))
{
+ try {
+ Element e=(Element)assertion;
+ SAMLAssertion samlAs=new
SAMLAssertion(e);
+ res=samlAs;
+ } catch (Throwable t) {
+ t.printStackTrace();
+ String m = "SecTokenSOAPManager:
"+t.getMessage();
+ logger.info(m);
+ throw new
PerfSONARException("error.authn.getting_sec_token",m);
+ }
+ }
+ }
+ if (res==null) {
+ try {
+ Document doc=sh.getAsDocument();
+ Crypto crypto = new DynamicCrypto();
+ WSSecurityEngine secEngine = new
WSSecurityEngine();
+ // If there is any problem validating the
SOAP header, it throws an exception
+ secEngine.processSecurityHeader(doc, null,
null, crypto);
- XPathFactory factory = XPathFactory.newInstance();
- XPath xpath = factory.newXPath();
- xpath.setNamespaceContext(new WSSENamespaceContext());
- XPathExpression expr =
xpath.compile("//wsse:BinarySecurityToken");
- Object result = expr.evaluate(doc, XPathConstants.NODESET);
- NodeList nodes = (NodeList) result;
- for (int i = 0; i < nodes.getLength(); i++) {
- Element e=(Element)nodes.item(i);
- if
(e.getAttribute("ValueType").equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"))
{
- byte[] bytes=Base64.decode(e.getTextContent());
- ByteArrayInputStream bais=new
ByteArrayInputStream(bytes);
- X509Certificate cert=crypto.loadCertificate(bais);
- return cert;
- }
- }
- } catch (Throwable t) {
- String m = "SecTokenSOAPManager: "+t.getMessage();
- logger.info(m);
- throw new
PerfSONARException("error.authn.getting_sec_token",m);
+ XPathFactory factory =
XPathFactory.newInstance();
+ XPath xpath = factory.newXPath();
+ xpath.setNamespaceContext(new
WSSENamespaceContext());
+ XPathExpression expr =
xpath.compile("//wsse:BinarySecurityToken");
+ Object result = expr.evaluate(doc,
XPathConstants.NODESET);
+ NodeList nodes = (NodeList) result;
+ for (int i = 0; i < nodes.getLength(); i++) {
+ Element e=(Element)nodes.item(i);
+ if
(e.getAttribute("ValueType").equals("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"))
{
+ byte[]
bytes=Base64.decode(e.getTextContent());
+ ByteArrayInputStream bais=new
ByteArrayInputStream(bytes);
+ X509Certificate
cert=crypto.loadCertificate(bais);
+ res=cert;
+ }
+ }
+ } catch (Throwable t) {
+ String m = "SecTokenSOAPManager:
"+t.getMessage();
+ logger.info(m);
+ throw new
PerfSONARException("error.authn.getting_sec_token",m);
+ }
}
- return null;
+ return res;
}
class WSSENamespaceContext implements NamespaceContext {
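Review bot: A header that carries a `saml:Assertion` child is now returned from `getSTValue()` without passing through `secEngine.processSecurityHeader(...)`, because that validation only runs inside the new `if (res==null)` branch. Nothing visible in this hunk checks the assertion's signature, issuer or validity conditions, so unless the callers do that (not shown here), the assertion is accepted as parsed. The match `assertion.getNodeName().equals("saml:Assertion")` depends on the sender-chosen prefix, and `he.getFirstChild()` returns null for an empty header element, which throws outside the `try`; a null check followed by a comparison of `getLocalName()` and `getNamespaceURI()` would be more robust. Both loops also keep the last match now, whereas the old code did `return cert;` on the first one, so adding `break;` after `res=samlAs;` and after `res=cert;` would restore first-match behaviour when a request carries several tokens.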
@@ -119,4 +141,4 @@
throw new UnsupportedOperationException();
}
}
-}
+}
\ No newline at end of file