You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ws.apache.org by co...@apache.org on 2013/09/27 15:08:42 UTC

svn commit: r1526889 - in /webservices/wss4j/trunk/ws-security-dom/src: main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java

Author: coheigea
Date: Fri Sep 27 13:08:42 2013
New Revision: 1526889

URL: http://svn.apache.org/r1526889
Log:
Only create the SAML OneTimeUse Cache if needed.

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
    webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java?rev=1526889&r1=1526888&r2=1526889&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SamlAssertionValidator.java Fri Sep 27 13:08:42 2013
@@ -144,10 +144,10 @@ public class SamlAssertionValidator exte
     protected void checkOneTimeUse(
         SamlAssertionWrapper samlAssertion, RequestData data
     ) throws WSSecurityException {
-        if (data.getSamlOneTimeUseReplayCache() != null
-            && samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)
+        if (samlAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)
             && samlAssertion.getSaml2().getConditions() != null
-            && samlAssertion.getSaml2().getConditions().getOneTimeUse() != null) {
+            && samlAssertion.getSaml2().getConditions().getOneTimeUse() != null
+            && data.getSamlOneTimeUseReplayCache() != null) {
             String identifier = samlAssertion.getId();
             
             ReplayCache replayCache = data.getSamlOneTimeUseReplayCache();

Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java?rev=1526889&r1=1526888&r2=1526889&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/common/SecurityTestUtil.java Fri Sep 27 13:08:42 2013
@@ -38,7 +38,8 @@ public final class SecurityTestUtil {
                     if (tmpFile.exists() && (tmpFile.getName().startsWith("ws-security.nonce.cache")
                             || tmpFile.getName().startsWith("wss4j-nonce-cache")
                             || tmpFile.getName().startsWith("ws-security.timestamp.cache")
-                            || tmpFile.getName().startsWith("wss4j-timestamp-cache"))) {
+                            || tmpFile.getName().startsWith("wss4j-timestamp-cache")
+                            || tmpFile.getName().startsWith("wss4j-saml-one-time-use-cache"))) {
                         tmpFile.delete();
                     }
                 }