You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/29 14:36:23 UTC
[2/2] cxf git commit: Make sure the SecurityToken Element can survive
serialization
Make sure the SecurityToken Element can survive serialization
# Conflicts:
# rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/da9a54c5
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/da9a54c5
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/da9a54c5
Branch: refs/heads/3.0.x-fixes
Commit: da9a54c573c411a2562b1fbe733f8ece0bb98f07
Parents: 6303c85
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Jan 29 13:33:01 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Jan 29 13:34:34 2016 +0000
----------------------------------------------------------------------
.../ws/security/tokenstore/SecurityToken.java | 32 +++++++++++++++++++-
1 file changed, 31 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/da9a54c5/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
index 7a74b35..43d3d68 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/tokenstore/SecurityToken.java
@@ -19,7 +19,11 @@
package org.apache.cxf.ws.security.tokenstore;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
import java.io.Serializable;
+import java.io.StringReader;
import java.security.Key;
import java.security.Principal;
import java.security.cert.X509Certificate;
@@ -28,6 +32,8 @@ import java.text.ParseException;
import java.util.Date;
import java.util.Properties;
+import javax.xml.stream.XMLStreamException;
+
import org.w3c.dom.Element;
import org.apache.cxf.helpers.DOMUtils;
@@ -35,6 +41,7 @@ import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamWriter;
import org.apache.wss4j.common.crypto.Crypto;
+import org.apache.wss4j.common.util.DOM2Writer;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.message.token.Reference;
import org.apache.wss4j.dom.util.XmlSchemaDateFormat;
@@ -50,7 +57,11 @@ public class SecurityToken implements Serializable {
*/
public static final String BOOTSTRAP_TOKEN_ID = "bootstrap_security_token_id";
- private static final long serialVersionUID = 3820740387121650613L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = -8220267049304000696L;
+
/**
* Token identifier
@@ -68,6 +79,11 @@ public class SecurityToken implements Serializable {
private transient Element token;
/**
+ * The String representation of the token (The token can't be serialized as it's a DOM Element)
+ */
+ private String tokenStr;
+
+ /**
* The RequestedAttachedReference element
* NOTE : The oasis-200401-wss-soap-message-security-1.0 spec allows
* an extensibility mechanism for wsse:SecurityTokenReference and
@@ -558,4 +574,18 @@ public class SecurityToken implements Serializable {
this.data = data;
}
+ private void writeObject(ObjectOutputStream stream) throws IOException {
+ if (token != null && tokenStr == null) {
+ tokenStr = DOM2Writer.nodeToString(token);
+ }
+ stream.defaultWriteObject();
+ }
+
+ private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException, XMLStreamException {
+ in.defaultReadObject();
+
+ if (token == null && tokenStr != null) {
+ token = StaxUtils.read(new StringReader(tokenStr)).getDocumentElement();
+ }
+ }
}