
Commit 47a984d

Big update to fix samples 1 thru 9. Also fix or remove a bunch of old http links
1 parent 74b1038 commit 47a984d


32 files changed

+958
-264
lines changed


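--- a/modules/distribution/bin.xml
+++ b/modules/distribution/bin.xml
@@ -15,23 +15,37 @@
 <dependencySet>
 <outputDirectory>lib</outputDirectory>
 <includes>
-<include>org.apache.wss4j:wss4j:jar</include>
 <include>org.apache.wss4j:wss4j-ws-security-common:jar</include>
 <include>org.apache.wss4j:wss4j-ws-security-dom:jar</include>
+<include>org.apache.wss4j:wss4j-ws-security-stax:jar</include>
 <include>org.apache.wss4j:wss4j-policy:jar</include>
+<include>org.apache.wss4j:wss4j-bindings:jar</include>
 <include>org.bouncycastle:bcprov-jdk18on:jar</include>
 <include>org.apache.rampart:rampart-core:jar</include>
 <include>org.apache.rampart:rampart-policy:jar</include>
 <include>org.apache.rampart:rampart-trust:jar</include>
-<include>org.opensaml:opensaml:jar</include>
+<include>org.opensaml:opensaml-core:jar</include>
+<include>org.opensaml:opensaml-saml-api:jar</include>
+<include>org.opensaml:opensaml-saml-impl:jar</include>
 <include>org.opensaml:opensaml-soap-impl:jar</include>
 <include>org.opensaml:opensaml-soap-api:jar</include>
 <include>org.opensaml:opensaml-xacml-impl:jar</include>
 <include>org.opensaml:opensaml-xacml-api:jar</include>
+<include>org.opensaml:opensaml-xmlsec-api:jar</include>
+<include>org.opensaml:opensaml-xmlsec-impl:jar</include>
+<include>org.opensaml:opensaml-security-api:jar</include>
+<include>org.opensaml:opensaml-security-impl:jar</include>
+<include>net.shibboleth.utilities:java-support:jar</include>
+<include>net.shibboleth:cryptography-api:jar</include>
+<include>io.dropwizard.metrics:metrics-core:jar</include>
+<include>org.cryptacular:cryptacular:jar</include>
 <include>org.apache.santuario:xmlsec:jar</include>
 <include>org.owasp.esapi:esapi:jar</include>
 <include>org.slf4j:slf4j-api:jar</include>
-<include>org.slf4j:jcl-over-slf4j:jar</include>
+<include>org.apache.logging.log4j:log4j-jcl:jar</include>
+<include>org.apache.logging.log4j:log4j-slf4j-impl:jar</include>
+<include>org.apache.logging.log4j:log4j-core:jar</include>
+<include>org.apache.logging.log4j:log4j-api:jar</include>
 <include>velocity:velocity:jar</include>
 <include>commons-lang:commons-lang:jar</include>
 </includes>
@@ -54,6 +68,22 @@
 <directory>src/main/files</directory>
 <outputDirectory>.</outputDirectory>
 </fileSet>
+<fileSet>
+<directory>src/main/resources</directory>
+<outputDirectory>lib</outputDirectory>
+<includes>
+<include>log4j2.xml</include>
+<include>commons-logging.properties</include>
+</includes>
+</fileSet>
+<fileSet>
+<directory>src/main/resources</directory>
+<outputDirectory>conf</outputDirectory>
+<includes>
+<include>log4j2.xml</include>
+<include>commons-logging.properties</include>
+</includes>
+</fileSet>
 </fileSets>
 
 <files>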
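Review bot: The two added fileSets copy the same `log4j2.xml` and `commons-logging.properties` into both `lib` and `conf`, so the distribution ships two copies of the logging configuration with nothing saying which one is read. If `lib` is on the runtime classpath (not visible here), that copy presumably wins and an operator who lowers the log level in `conf/log4j2.xml` would see no effect; that matters because the MessageBuilder changes in this commit log message content at debug level. I would ship a single copy and put a comment above the fileSet, for example `<!-- logging configuration: this is the copy loaded at runtime -->`, once the lookup location is confirmed.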

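--- a/modules/distribution/pom.xml
+++ b/modules/distribution/pom.xml
@@ -143,10 +143,40 @@
 <type>pom</type>
 <scope>import</scope>
 </dependency>
+<!-- Log4j2 Commons Logging bridge - replaces commons-logging -->
 <dependency>
-<groupId>commons-logging</groupId>
-<artifactId>commons-logging</artifactId>
-<version>1.2</version>
+<groupId>org.apache.logging.log4j</groupId>
+<artifactId>log4j-jcl</artifactId>
+<version>2.18.0</version>
+<exclusions>
+<exclusion>
+<groupId>commons-logging</groupId>
+<artifactId>commons-logging</artifactId>
+</exclusion>
+</exclusions>
+</dependency>
+<!-- SLF4J-Log4j2 bridge for third-party libraries -->
+<dependency>
+<groupId>org.apache.logging.log4j</groupId>
+<artifactId>log4j-slf4j-impl</artifactId>
+<version>2.18.0</version>
+<exclusions>
+<exclusion>
+<groupId>org.slf4j</groupId>
+<artifactId>jcl-over-slf4j</artifactId>
+</exclusion>
+</exclusions>
+</dependency>
+<!-- Log4j2 core implementation -->
+<dependency>
+<groupId>org.apache.logging.log4j</groupId>
+<artifactId>log4j-core</artifactId>
+<version>2.18.0</version>
+</dependency>
+<dependency>
+<groupId>org.apache.logging.log4j</groupId>
+<artifactId>log4j-api</artifactId>
+<version>2.18.0</version>
 </dependency>
 </dependencies>
 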
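Review bot: The literal `2.18.0` is repeated on all four Log4j artifacts (`log4j-jcl`, `log4j-slf4j-impl`, `log4j-core`, `log4j-api`), so a later security upgrade has to touch four places and can leave the API and core at different versions. Define one property and use `<version>${log4j2.version}</version>` on each, and check whether a newer 2.x release is available before shipping, since `log4j-core` now goes into the distribution. The `jcl-over-slf4j` exclusion on `log4j-slf4j-impl` deserves a one-line comment naming the dependency that actually brings it in; from this hunk it is not clear that `log4j-slf4j-impl` does. The enclosing `<dependencies>` element starts above the hunk.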

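--- a/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
+++ b/modules/rampart-core/src/main/java/org/apache/rampart/MessageBuilder.java
@@ -29,6 +29,8 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.rahas.RahasConstants;
+import org.apache.rahas.Token;
+import org.apache.rahas.TokenStorage;
 import org.apache.rahas.TrustUtil;
 import org.apache.rampart.builder.AsymmetricBindingBuilder;
 import org.apache.rampart.builder.SymmetricBindingBuilder;
@@ -50,29 +52,111 @@
 import javax.xml.namespace.QName;
 
 public class MessageBuilder {
-
+
 private static Log log = LogFactory.getLog(MessageBuilder.class);
+private static final String VERSION_ID = "2025-11-01-MESSAGEBUILDER-DEBUG-v2";
 
 public void build(MessageContext msgCtx) throws WSSPolicyException,
 RampartException, WSSecurityException, AxisFault {
 
+// Log key message context properties that affect security header creation
+Object rampartPolicy = msgCtx.getOptions().getProperty(RampartMessageData.KEY_RAMPART_POLICY);
+Object customToken = msgCtx.getOptions().getProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN);
+
+if (log.isDebugEnabled()) {
+String timestamp = java.time.LocalDateTime.now().format(java.time.format.DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss.SSS"));
+log.debug("=== MESSAGEBUILDER: Starting build for message ===");
+log.debug("MessageBuilder TIMESTAMP: " + timestamp);
+log.debug("MessageBuilder VERSION: " + VERSION_ID);
+log.debug("MessageBuilder: Action = " + msgCtx.getOptions().getAction());
+log.debug("MessageBuilder: To = " + msgCtx.getOptions().getTo());
+log.debug("MessageBuilder: Message flow = " + (msgCtx.getFLOW() == MessageContext.IN_FLOW ? "IN_FLOW" :
+msgCtx.getFLOW() == MessageContext.OUT_FLOW ? "OUT_FLOW" :
+msgCtx.getFLOW() == MessageContext.IN_FAULT_FLOW ? "IN_FAULT_FLOW" :
+msgCtx.getFLOW() == MessageContext.OUT_FAULT_FLOW ? "OUT_FAULT_FLOW" : "UNKNOWN"));
+
+log.debug("MessageBuilder: RampartPolicy property = " + (rampartPolicy != null ? "present" : "null"));
+log.debug("MessageBuilder: CustomIssuedToken property = " + (customToken != null ? customToken : "null"));
+}
+
 Axis2Util.useDOOM(true);
-
+
 RampartMessageData rmd = new RampartMessageData(msgCtx, true);
-
-
+
+
 RampartPolicyData rpd = rmd.getPolicyData();
-if(rpd == null || isSecurityValidationFault(msgCtx) ||
-!RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false)) {
-
+log.debug("MessageBuilder: PolicyData available = " + (rpd != null));
+if (rpd != null) {
+log.debug("MessageBuilder: Policy has SupportingTokens = " + (rpd.getSupportingTokens() != null));
+log.debug("MessageBuilder: Policy binding type = " +
+(rpd.isTransportBinding() ? "Transport" :
+rpd.isSymmetricBinding() ? "Symmetric" :
+rpd.isAsymmetricBinding() ? "Asymmetric" : "Unknown"));
+log.debug("MessageBuilder: EncryptionToken = " + (rpd.getEncryptionToken() != null ? rpd.getEncryptionToken().getClass().getSimpleName() : "null"));
+log.debug("MessageBuilder: SignatureToken = " + (rpd.getSignatureToken() != null ? rpd.getSignatureToken().getClass().getSimpleName() : "null"));
+
+// Log additional custom issued token details
+log.debug("MessageBuilder: Custom issued token present = " + (customToken != null));
+if (customToken != null) {
+log.debug("MessageBuilder: Custom issued token value = " + customToken);
+}
+
+// Check token storage
+try {
+TokenStorage tokenStorage = rmd.getTokenStorage();
+log.debug("MessageBuilder: TokenStorage available = " + (tokenStorage != null));
+if (tokenStorage != null && customToken != null) {
+Token token = tokenStorage.getToken((String)customToken);
+log.debug("MessageBuilder: Token found in storage = " + (token != null));
+if (token != null) {
+log.debug("MessageBuilder: Token ID = " + token.getId());
+log.debug("MessageBuilder: Token has secret = " + (token.getSecret() != null));
+}
+}
+} catch (Exception e) {
+log.debug("MessageBuilder: Error checking token storage: " + e.getMessage());
+}
+}
+log.debug("MessageBuilder: isInitiator = " + rmd.isInitiator());
+log.debug("MessageBuilder: isSecurityValidationFault = " + isSecurityValidationFault(msgCtx));
+
+boolean secHeaderRequired = rpd != null ? RampartUtil.isSecHeaderRequired(rpd, rmd.isInitiator(),false) : false;
+if (log.isDebugEnabled()) {
+log.debug("MessageBuilder: isSecHeaderRequired = " + secHeaderRequired);
+}
+
+if(rpd == null || isSecurityValidationFault(msgCtx) || !secHeaderRequired) {
+log.warn("MessageBuilder: EARLY RETURN - No security header will be added");
+log.warn("MessageBuilder: rpd null = " + (rpd == null));
+log.warn("MessageBuilder: validation fault = " + isSecurityValidationFault(msgCtx));
+log.warn("MessageBuilder: sec header not required = " + !secHeaderRequired);
+if (rpd != null && !secHeaderRequired) {
+log.warn("MessageBuilder: Policy exists but sec header not required - diagnosing policy");
+log.warn("MessageBuilder: isInitiator = " + rmd.isInitiator());
+log.warn("MessageBuilder: Policy binding type = " +
+(rpd.isTransportBinding() ? "Transport" :
+rpd.isSymmetricBinding() ? "Symmetric" :
+rpd.isAsymmetricBinding() ? "Asymmetric" : "Unknown"));
+log.warn("MessageBuilder: Policy includeTimestamp = " + rpd.isIncludeTimestamp());
+}
+
 WSSecHeader secHeader = rmd.getSecHeader();
-
+
 if ( secHeader != null && secHeader.isEmpty() ) {
 secHeader.removeSecurityHeader();
 }
-
+
 return;
 }
+
+if (log.isDebugEnabled()) {
+log.debug("MessageBuilder: PROCEEDING to add security header");
+log.debug("MessageBuilder: isInitiator = " + rmd.isInitiator());
+log.debug("MessageBuilder: Policy binding type = " +
+(rpd.isTransportBinding() ? "Transport" :
+rpd.isSymmetricBinding() ? "Symmetric" :
+rpd.isAsymmetricBinding() ? "Asymmetric" : "Unknown"));
+}
 
 //Copy the RECV_RESULTS if available
 if(!rmd.isInitiator()) {
@@ -134,27 +218,68 @@ public void build(MessageContext msgCtx) throws WSSPolicyException,
 }
 
 if(rpd.isTransportBinding()) {
-log.debug("Building transport binding");
+log.debug("MessageBuilder: Building transport binding");
 TransportBindingBuilder building = new TransportBindingBuilder();
 building.build(rmd);
+log.debug("MessageBuilder: TransportBinding build completed");
 } else if(rpd.isSymmetricBinding()) {
-log.debug("Building SymmetricBinding");
+log.debug("MessageBuilder: Building SymmetricBinding");
 SymmetricBindingBuilder builder = new SymmetricBindingBuilder();
-builder.build(rmd);
+try {
+builder.build(rmd);
+log.debug("MessageBuilder: SymmetricBinding build completed successfully");
+} catch (Exception e) {
+log.debug("MessageBuilder: SymmetricBinding build FAILED: " + e.getMessage());
+e.printStackTrace();
+throw e;
+}
 } else {
+log.debug("MessageBuilder: Building AsymmetricBinding");
 AsymmetricBindingBuilder builder = new AsymmetricBindingBuilder();
-builder.build(rmd);
+try {
+builder.build(rmd);
+log.debug("MessageBuilder: AsymmetricBinding build completed successfully");
+} catch (Exception e) {
+log.debug("MessageBuilder: AsymmetricBinding build FAILED: " + e.getMessage());
+e.printStackTrace();
+throw e;
+}
 }
 
 //TODO remove following check, we don't need this check here as we do a check to see whether
 // security header required
 
 WSSecHeader secHeader = rmd.getSecHeader();
-
-if ( secHeader != null && secHeader.isEmpty() ) {
-secHeader.removeSecurityHeader();
+if (log.isDebugEnabled()) {
+log.debug("MessageBuilder: Final security header check");
+log.debug("MessageBuilder: Security header present = " + (secHeader != null));
+if (secHeader != null) {
+boolean isEmpty = secHeader.isEmpty();
+log.debug("MessageBuilder: Security header empty = " + isEmpty);
+if (isEmpty) {
+log.debug("MessageBuilder: REMOVING empty security header");
+} else {
+log.debug("MessageBuilder: Security header retained (has content)");
+}
+} else {
+log.debug("MessageBuilder: No security header was created!");
+}
 }
-
+
+
+// Log the final envelope being built
+if (log.isDebugEnabled()) {
+try {
+log.debug("=== MESSAGEBUILDER: Final SOAP envelope being sent ===");
+log.debug("MessageBuilder: Action = " + msgCtx.getWSAAction());
+log.debug("MessageBuilder: Final envelope content:");
+log.debug(msgCtx.getEnvelope().toString());
+log.debug("=== END SOAP envelope ===");
+} catch (Exception e) {
+log.debug("MessageBuilder: Could not log envelope: " + e.getMessage());
+}
+}
+
 /*
 * Checking whether MTOMSerializable is there. If so set optimizeElement.
 * */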
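Review bot: The rewritten tail of build() no longer removes an empty security header: the old `if ( secHeader != null && secHeader.isEmpty() ) { secHeader.removeSecurityHeader(); }` is deleted, and the new debug block only logs "REMOVING empty security header" without calling it, so the call should be restored outside the `isDebugEnabled()` guard. The added `log.debug(msgCtx.getEnvelope().toString());` writes the whole SOAP envelope to the log, including whatever the binding builders just placed in the security header, and earlier lines log the custom issued token value and the token id; I would drop the envelope dump and log presence flags only. Most of the new `log.debug` calls after `rmd.getPolicyData()` sit outside any `isDebugEnabled()` check, so the `tokenStorage.getToken((String)customToken)` lookup and the extra `isSecurityValidationFault(msgCtx)` calls run on every message and should be moved inside the guard. In both new catch blocks replace `e.printStackTrace();` with a logger call that takes the exception, e.g. `log.debug("MessageBuilder: SymmetricBinding build FAILED", e);`, so the trace goes through the configured appenders. build() continues past the end of the last hunk.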
