You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/05/10 19:11:57 UTC
svn commit: r1481104 -
/cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java
Author: coheigea
Date: Fri May 10 17:11:57 2013
New Revision: 1481104
URL: http://svn.apache.org/r1481104
Log:
Merged revisions 1481103 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1481103 | coheigea | 2013-05-10 18:10:27 +0100 (Fri, 10 May 2013) | 2 lines
Log XACML Request at level.FINE
........
Modified:
cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java
Modified: cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java?rev=1481104&r1=1481103&r2=1481104&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java (original)
+++ cxf/branches/2.7.x-fixes/rt/security/src/main/java/org/apache/cxf/rt/security/xacml/AbstractXACMLAuthorizingInterceptor.java Fri May 10 17:11:57 2013
@@ -26,7 +26,11 @@ import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.helpers.DOMUtils;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.security.AccessDeniedException;
import org.apache.cxf.message.Message;
@@ -35,6 +39,7 @@ import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;
import org.apache.ws.security.saml.ext.OpenSAMLUtil;
+import org.apache.ws.security.util.DOM2Writer;
import org.opensaml.xacml.ctx.DecisionType;
import org.opensaml.xacml.ctx.RequestType;
import org.opensaml.xacml.ctx.ResponseType;
@@ -85,6 +90,12 @@ public abstract class AbstractXACMLAutho
LOG.log(Level.FINE, "Unauthorized: " + e.getMessage(), e);
throw new AccessDeniedException("Unauthorized");
}
+ } else {
+ LOG.log(
+ Level.FINE,
+ "The SecurityContext was not an instance of LoginSecurityContext. No authorization "
+ + "is possible as a result"
+ );
}
throw new AccessDeniedException("Unauthorized");
@@ -105,6 +116,11 @@ public abstract class AbstractXACMLAutho
Principal principal, List<String> roles, Message message
) throws Exception {
RequestType request = requestBuilder.createRequest(principal, roles, message);
+ if (LOG.isLoggable(Level.FINE)) {
+ Document doc = DOMUtils.createDocument();
+ Element requestElement = OpenSAMLUtil.toDom(request, doc);
+ LOG.log(Level.FINE, DOM2Writer.nodeToString(requestElement));
+ }
ResponseType response = performRequest(request, message);