You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/05/10 19:11:57 UTC

svn commit: r1481104 - /cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java

Author: coheigea
Date: Fri May 10 17:11:57 2013
New Revision: 1481104

URL: http://svn.apache.org/r1481104
Log:
Merged revisions 1481103 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1481103 | coheigea | 2013-05-10 18:10:27 +0100 (Fri, 10 May 2013) | 2 lines

  Log XACML Request at level.FINE

........

Modified:
    cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java

Modified: cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java?rev=1481104&r1=1481103&r2=1481104&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java (original)
+++ cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java Fri May 10 17:11:57 2013
@@ -26,7 +26,11 @@ import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.interceptor.security.AccessDeniedException;
 import org.apache.cxf.message.Message;
@@ -35,6 +39,7 @@ import org.apache.cxf.phase.Phase;
 import org.apache.cxf.security.LoginSecurityContext;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.ws.security.saml.ext.OpenSAMLUtil;
+import org.apache.ws.security.util.DOM2Writer;
 import org.opensaml.xacml.ctx.DecisionType;
 import org.opensaml.xacml.ctx.RequestType;
 import org.opensaml.xacml.ctx.ResponseType;
@@ -85,6 +90,12 @@ public abstract class AbstractXACMLAutho
                 LOG.log(Level.FINE, "Unauthorized: " + e.getMessage(), e);
                 throw new AccessDeniedException("Unauthorized");
             }
+        } else {
+            LOG.log(
+                Level.FINE,
+                "The SecurityContext was not an instance of LoginSecurityContext. No authorization "
+                + "is possible as a result"
+            );
         }
         
         throw new AccessDeniedException("Unauthorized");
@@ -105,6 +116,11 @@ public abstract class AbstractXACMLAutho
         Principal principal, List<String> roles, Message message
     ) throws Exception {
         RequestType request = requestBuilder.createRequest(principal, roles, message);
+        if (LOG.isLoggable(Level.FINE)) {
+            Document doc = DOMUtils.createDocument();
+            Element requestElement = OpenSAMLUtil.toDom(request, doc);
+            LOG.log(Level.FINE, DOM2Writer.nodeToString(requestElement));
+        }
         
         ResponseType response = performRequest(request, message);