You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2008/07/02 20:24:08 UTC
svn commit: r673456 - in /cxf/branches/2.0.x-fixes: ./
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Author: dkulp
Date: Wed Jul 2 11:24:07 2008
New Revision: 673456
URL: http://svn.apache.org/viewvc?rev=673456&view=rev
Log:
Merged revisions 673455 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r673455 | dkulp | 2008-07-02 14:18:40 -0400 (Wed, 02 Jul 2008) | 2 lines
[CXF-1680] Don't override basic-auth security creds. Add a principal result to the message to make it easier to obtain later.
........
Modified:
cxf/branches/2.0.x-fixes/ (props changed)
cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Propchange: cxf/branches/2.0.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=673456&r1=673455&r2=673456&view=diff
==============================================================================
--- cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java (original)
+++ cxf/branches/2.0.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java Wed Jul 2 11:24:07 2008
@@ -66,6 +66,7 @@
public static final String TIMESTAMP_RESULT = "wss4j.timestamp.result";
public static final String SIGNATURE_RESULT = "wss4j.signature.result";
+ public static final String PRINCIPAL_RESULT = "wss4j.principal.result";
public static final String PROCESSOR_MAP = "wss4j.processor.map";
private static final Logger LOG = LogUtils.getL7dLogger(WSS4JInInterceptor.class);
@@ -86,18 +87,16 @@
getAfter().add(SAAJInInterceptor.class.getName());
}
- @SuppressWarnings("unchecked")
public WSS4JInInterceptor(Map<String, Object> properties) {
this();
setProperties(properties);
- final Map<QName, String> map =
- (Map<QName, String>) properties.get(PROCESSOR_MAP);
+ final Map<QName, String> map = CastUtils.cast(
+ (Map)properties.get(PROCESSOR_MAP));
if (map != null) {
secEngineOverride = createSecurityEngine(map);
}
}
- @SuppressWarnings("unchecked")
public void handleMessage(SoapMessage msg) throws Fault {
boolean doDebug = LOG.isLoggable(Level.FINE);
boolean doTimeLog = TIME_LOG.isLoggable(Level.FINE);
@@ -256,14 +255,13 @@
}
}
- @SuppressWarnings("unchecked")
private void doResults(SoapMessage msg, String actor, SOAPMessage doc, Vector wsResult)
throws SOAPException, XMLStreamException {
/*
* All ok up to this point. Now construct and setup the security result
* structure. The service may fetch this and check it.
*/
- List<Object> results = (Vector<Object>)msg.get(WSHandlerConstants.RECV_RESULTS);
+ List<Object> results = CastUtils.cast((List)msg.get(WSHandlerConstants.RECV_RESULTS));
if (results == null) {
results = new Vector<Object>();
msg.put(WSHandlerConstants.RECV_RESULTS, results);
@@ -287,17 +285,21 @@
for (WSSecurityEngineResult o : CastUtils.cast(wsResult, WSSecurityEngineResult.class)) {
final Principal p = (Principal)o.get(WSSecurityEngineResult.TAG_PRINCIPAL);
if (p != null) {
- SecurityContext c = new SecurityContext() {
- public Principal getUserPrincipal() {
- return p;
- }
- public boolean isUserInRole(String role) {
- return false;
- }
- };
- msg.put(SecurityContext.class, c);
- break;
- }
+ msg.put(PRINCIPAL_RESULT, p);
+ SecurityContext sc = msg.get(SecurityContext.class);
+ if (sc == null || sc.getUserPrincipal() == null) {
+ SecurityContext c = new SecurityContext() {
+ public Principal getUserPrincipal() {
+ return p;
+ }
+ public boolean isUserInRole(String role) {
+ return false;
+ }
+ };
+ msg.put(SecurityContext.class, c);
+ break;
+ }
+ }
}
}