You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/11/27 14:55:30 UTC

[5/5] cxf git commit: Fixing backmerge

Fixing backmerge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b7ba15d4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b7ba15d4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b7ba15d4

Branch: refs/heads/3.0.x-fixes
Commit: b7ba15d4b26d346c56396fa0efb7399991d7db0b
Parents: 684633b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Nov 27 13:55:14 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Nov 27 13:55:14 2015 +0000

----------------------------------------------------------------------
 .../oauth2/saml/SamlOAuthValidator.java         |  7 ----
 .../apache/cxf/rs/security/saml/SAMLUtils.java  | 41 ++++++--------------
 2 files changed, 11 insertions(+), 37 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b7ba15d4/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
index 526fea9..05f3d59 100644
--- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
@@ -123,14 +123,7 @@ public class SamlOAuthValidator {
     
     private boolean validateAuthenticationSubject(Message m, 
                                                   Conditions cs,
-<<<<<<< HEAD
                                                   org.opensaml.saml2.core.Subject subject) {
-        if (subject.getSubjectConfirmations() == null) {
-            return false;
-        }
-=======
-                                                  org.opensaml.saml.saml2.core.Subject subject) {
->>>>>>> 6b35529... Avoid a bug that a bearer subject conf is not enforced if the subject conf list is not empty
         // We need to find a Bearer Subject Confirmation method
         boolean bearerSubjectConfFound = false;
         if (subject.getSubjectConfirmations() != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/b7ba15d4/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
index 1622718..8442c2e 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
@@ -37,16 +37,12 @@ import org.apache.wss4j.common.ext.WSPasswordCallback;
 import org.apache.wss4j.common.saml.SAMLCallback;
 import org.apache.wss4j.common.saml.SAMLUtil;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-<<<<<<< HEAD
+import org.opensaml.saml1.core.AttributeStatement;
+import org.opensaml.saml1.core.AuthenticationStatement;
+import org.opensaml.saml1.core.AuthorizationDecisionStatement;
+import org.opensaml.saml1.core.NameIdentifier;
+import org.opensaml.saml1.core.Statement;
 import org.opensaml.saml2.core.NameID;
-=======
-import org.opensaml.saml.saml1.core.AttributeStatement;
-import org.opensaml.saml.saml1.core.AuthenticationStatement;
-import org.opensaml.saml.saml1.core.AuthorizationDecisionStatement;
-import org.opensaml.saml.saml1.core.NameIdentifier;
-import org.opensaml.saml.saml1.core.Statement;
-import org.opensaml.saml.saml2.core.NameID;
->>>>>>> e81610d... Allow setting the security context up with a SAML 1.1 assertion
 
 public final class SAMLUtils {
     private static final Logger LOG = 
@@ -57,22 +53,8 @@ public final class SAMLUtils {
     }
     
     public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) {
-<<<<<<< HEAD
-        org.opensaml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
-        Subject subject = new Subject();
-        NameID nameId = s.getNameID();
-        subject.setNameQualifier(nameId.getNameQualifier());
-        // if format is transient then we may need to use STSClient
-        // to request an alternate name from IDP
-        subject.setNameFormat(nameId.getFormat());
-        
-        subject.setName(nameId.getValue());
-        subject.setSpId(nameId.getSPProvidedID());
-        subject.setSpQualifier(nameId.getSPNameQualifier());
-        return subject;
-=======
         if (assertionW.getSaml2() != null) {
-            org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
+            org.opensaml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
             Subject subject = new Subject();
             NameID nameId = s.getNameID();
             subject.setNameQualifier(nameId.getNameQualifier());
@@ -85,7 +67,7 @@ public final class SAMLUtils {
             subject.setSpQualifier(nameId.getSPNameQualifier());
             return subject;
         } else if (assertionW.getSaml1() != null) {
-            org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW);
+            org.opensaml.saml1.core.Subject s = getSaml1Subject(assertionW);
             if (s != null) {
                 Subject subject = new Subject();
                 NameIdentifier nameId = s.getNameIdentifier();
@@ -94,16 +76,16 @@ public final class SAMLUtils {
                 // to request an alternate name from IDP
                 subject.setNameFormat(nameId.getFormat());
                 
-                subject.setName(nameId.getValue());
+                subject.setName(nameId.getNameIdentifier());
                 return subject;
             }
         }
         return null;
     }
     
-    private static org.opensaml.saml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
-        for (Statement stmt : ((org.opensaml.saml.saml1.core.Assertion)assertionW.getSaml1()).getStatements()) {
-            org.opensaml.saml.saml1.core.Subject samlSubject = null;
+    private static org.opensaml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
+        for (Statement stmt : ((org.opensaml.saml1.core.Assertion)assertionW.getSaml1()).getStatements()) {
+            org.opensaml.saml1.core.Subject samlSubject = null;
             if (stmt instanceof AttributeStatement) {
                 AttributeStatement attrStmt = (AttributeStatement) stmt;
                 samlSubject = attrStmt.getSubject();
@@ -120,7 +102,6 @@ public final class SAMLUtils {
             }
         }
         return null;
->>>>>>> e81610d... Allow setting the security context up with a SAML 1.1 assertion
     }
     
     public static SamlAssertionWrapper createAssertion(Message message) throws Fault {