You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/12/16 16:37:55 UTC
svn commit: r1551236 - in
/cxf/branches/2.6.x-fixes/services/sts/sts-core/src:
main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
Author: coheigea
Date: Mon Dec 16 15:37:55 2013
New Revision: 1551236
URL: http://svn.apache.org/r1551236
Log:
Fixing build
Modified:
cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
cxf/branches/2.6.x-fixes/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
Modified: cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java?rev=1551236&r1=1551235&r2=1551236&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java (original)
+++ cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java Mon Dec 16 15:37:55 2013
@@ -155,7 +155,6 @@ public class SAMLTokenValidator implemen
WSSConfig wssConfig = WSSConfig.getNewInstance();
requestData.setWssConfig(wssConfig);
requestData.setCallbackHandler(callbackHandler);
- requestData.setMsgContext(tokenParameters.getWebServiceContext().getMessageContext());
// Verify the signature
assertion.verifySignature(
@@ -178,28 +177,6 @@ public class SAMLTokenValidator implemen
}
if (secToken == null) {
-<<<<<<< HEAD
-<<<<<<< HEAD
- if (!assertion.isSigned()) {
- LOG.log(Level.WARNING, "The received assertion is not signed, and therefore not trusted");
- return response;
- }
-
- RequestData requestData = new RequestData();
- requestData.setSigCrypto(sigCrypto);
- WSSConfig wssConfig = WSSConfig.getNewInstance();
- requestData.setWssConfig(wssConfig);
- requestData.setCallbackHandler(callbackHandler);
-
- // Verify the signature
- assertion.verifySignature(
- requestData, new WSDocInfo(validateTargetElement.getOwnerDocument())
- );
-
-=======
->>>>>>> 4b3dbb3... Validation fix in the STS
-=======
->>>>>>> 8b51624... Fixing build
// Validate the assertion against schemas/profiles
validateAssertion(assertion);
Modified: cxf/branches/2.6.x-fixes/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java?rev=1551236&r1=1551235&r2=1551236&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java (original)
+++ cxf/branches/2.6.x-fixes/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java Mon Dec 16 15:37:55 2013
@@ -348,79 +348,6 @@ public class SAMLTokenValidatorTest exte
assertTrue(validatorResponse.getToken().getState() == STATE.INVALID);
}
-<<<<<<< HEAD
-=======
- @org.junit.Test
- public void testSAML2AssertionWithRolesNoCaching() throws Exception {
- TokenValidator samlTokenValidator = new SAMLTokenValidator();
- TokenValidatorParameters validatorParameters = createValidatorParameters();
- TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
-
- // Create a ValidateTarget consisting of a SAML Assertion
- Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
- CallbackHandler callbackHandler = new PasswordCallbackHandler();
- Element samlToken =
- createSAMLAssertionWithRoles(WSConstants.WSS_SAML2_TOKEN_TYPE, crypto, "mystskey",
- callbackHandler, "manager");
- Document doc = samlToken.getOwnerDocument();
- samlToken = (Element)doc.appendChild(samlToken);
-
- ReceivedToken validateTarget = new ReceivedToken(samlToken);
- tokenRequirements.setValidateTarget(validateTarget);
- validatorParameters.setToken(validateTarget);
-
- // Disable caching
- validatorParameters.setTokenStore(null);
-
- assertTrue(samlTokenValidator.canHandleToken(validateTarget));
-
- TokenValidatorResponse validatorResponse =
- samlTokenValidator.validateToken(validatorParameters);
- assertTrue(validatorResponse != null);
- assertTrue(validatorResponse.getToken() != null);
- assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
-
- Principal principal = validatorResponse.getPrincipal();
- assertTrue(principal != null && principal.getName() != null);
- Set<Principal> roles = validatorResponse.getRoles();
- assertTrue(roles != null && !roles.isEmpty());
- assertTrue(roles.iterator().next().getName().equals("manager"));
- }
-
- @org.junit.Test
- public void testSAML2AssertionWithRolesCaching() throws Exception {
- TokenValidator samlTokenValidator = new SAMLTokenValidator();
- TokenValidatorParameters validatorParameters = createValidatorParameters();
- TokenRequirements tokenRequirements = validatorParameters.getTokenRequirements();
-
- // Create a ValidateTarget consisting of a SAML Assertion
- Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
- CallbackHandler callbackHandler = new PasswordCallbackHandler();
- Element samlToken =
- createSAMLAssertionWithRoles(WSConstants.WSS_SAML2_TOKEN_TYPE, crypto, "mystskey",
- callbackHandler, "employee");
- Document doc = samlToken.getOwnerDocument();
- samlToken = (Element)doc.appendChild(samlToken);
-
- ReceivedToken validateTarget = new ReceivedToken(samlToken);
- tokenRequirements.setValidateTarget(validateTarget);
- validatorParameters.setToken(validateTarget);
-
- assertTrue(samlTokenValidator.canHandleToken(validateTarget));
-
- TokenValidatorResponse validatorResponse =
- samlTokenValidator.validateToken(validatorParameters);
- assertTrue(validatorResponse != null);
- assertTrue(validatorResponse.getToken() != null);
- assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
-
- Principal principal = validatorResponse.getPrincipal();
- assertTrue(principal != null && principal.getName() != null);
- Set<Principal> roles = validatorResponse.getRoles();
- assertTrue(roles != null && !roles.isEmpty());
- assertTrue(roles.iterator().next().getName().equals("employee"));
- }
-
/**
* Test an invalid SAML 2 Assertion
*/
@@ -468,7 +395,6 @@ public class SAMLTokenValidatorTest exte
assertTrue(validatorResponse.getToken().getState() != STATE.VALID);
}
->>>>>>> 15187c1... Merged revisions 1551228 via git cherry-pick from
private TokenValidatorParameters createValidatorParameters() throws WSSecurityException {
TokenValidatorParameters parameters = new TokenValidatorParameters();