You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by dk...@apache.org on 2011/05/24 19:03:50 UTC
svn commit: r1127146 - in /cxf/branches/2.3.x-fixes: ./
rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Author: dkulp
Date: Tue May 24 17:03:50 2011
New Revision: 1127146
URL: http://svn.apache.org/viewvc?rev=1127146&view=rev
Log:
Merged revisions 1100270 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1100270 | coheigea | 2011-05-06 12:28:42 -0400 (Fri, 06 May 2011) | 1 line
Skip policy checking for SIGNED_PARTS and ENCRYPTED_PARTS when using the Transport Binding
........
Modified:
cxf/branches/2.3.x-fixes/ (props changed)
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Propchange: cxf/branches/2.3.x-fixes/
('svn:mergeinfo' removed)
Propchange: cxf/branches/2.3.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1127146&r1=1127145&r2=1127146&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original)
+++ cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Tue May 24 17:03:50 2011
@@ -542,8 +542,18 @@ public class PolicyBasedWSS4JInIntercept
CryptoCoverageUtil.reconcileEncryptedSignedRefs(signed, encrypted);
- assertTokens(aim, SP12Constants.SIGNED_PARTS, signed, msg, doc, CoverageType.SIGNED);
- assertTokens(aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, doc, CoverageType.ENCRYPTED);
+ //
+ // SIGNED_PARTS and ENCRYPTED_PARTS only apply to non-Transport bindings
+ //
+ if (!isTransportBinding(aim)) {
+ assertTokens(
+ aim, SP12Constants.SIGNED_PARTS, signed, msg, doc, CoverageType.SIGNED
+ );
+ assertTokens(
+ aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, doc,
+ CoverageType.ENCRYPTED
+ );
+ }
assertXPathTokens(aim, SP12Constants.SIGNED_ELEMENTS, signed, msg, doc,
CoverageType.SIGNED, CoverageScope.ELEMENT);
assertXPathTokens(aim, SP12Constants.ENCRYPTED_ELEMENTS, encrypted, msg, doc,
@@ -699,5 +709,21 @@ public class PolicyBasedWSS4JInIntercept
assertPolicy(aim, SP12Constants.SIGNED_PARTS);
return !assertPolicy(aim, SP12Constants.TRANSPORT_BINDING);
}
+
+ private boolean isTransportBinding(AssertionInfoMap aim) {
+ Collection<AssertionInfo> ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+ if (ais != null && ais.size() > 0) {
+ ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+ if (ais != null && ais.size() > 0) {
+ return false;
+ }
+ ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+ if (ais != null && ais.size() > 0) {
+ return false;
+ }
+ return true;
+ }
+ return false;
+ }
}