You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/11/27 14:55:30 UTC
[5/5] cxf git commit: Fixing backmerge
Fixing backmerge
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b7ba15d4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b7ba15d4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b7ba15d4
Branch: refs/heads/3.0.x-fixes
Commit: b7ba15d4b26d346c56396fa0efb7399991d7db0b
Parents: 684633b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Nov 27 13:55:14 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Nov 27 13:55:14 2015 +0000
----------------------------------------------------------------------
.../oauth2/saml/SamlOAuthValidator.java | 7 ----
.../apache/cxf/rs/security/saml/SAMLUtils.java | 41 ++++++--------------
2 files changed, 11 insertions(+), 37 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b7ba15d4/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
index 526fea9..05f3d59 100644
--- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
@@ -123,14 +123,7 @@ public class SamlOAuthValidator {
private boolean validateAuthenticationSubject(Message m,
Conditions cs,
-<<<<<<< HEAD
org.opensaml.saml2.core.Subject subject) {
- if (subject.getSubjectConfirmations() == null) {
- return false;
- }
-=======
- org.opensaml.saml.saml2.core.Subject subject) {
->>>>>>> 6b35529... Avoid a bug that a bearer subject conf is not enforced if the subject conf list is not empty
// We need to find a Bearer Subject Confirmation method
boolean bearerSubjectConfFound = false;
if (subject.getSubjectConfirmations() != null) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/b7ba15d4/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
index 1622718..8442c2e 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
@@ -37,16 +37,12 @@ import org.apache.wss4j.common.ext.WSPasswordCallback;
import org.apache.wss4j.common.saml.SAMLCallback;
import org.apache.wss4j.common.saml.SAMLUtil;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
-<<<<<<< HEAD
+import org.opensaml.saml1.core.AttributeStatement;
+import org.opensaml.saml1.core.AuthenticationStatement;
+import org.opensaml.saml1.core.AuthorizationDecisionStatement;
+import org.opensaml.saml1.core.NameIdentifier;
+import org.opensaml.saml1.core.Statement;
import org.opensaml.saml2.core.NameID;
-=======
-import org.opensaml.saml.saml1.core.AttributeStatement;
-import org.opensaml.saml.saml1.core.AuthenticationStatement;
-import org.opensaml.saml.saml1.core.AuthorizationDecisionStatement;
-import org.opensaml.saml.saml1.core.NameIdentifier;
-import org.opensaml.saml.saml1.core.Statement;
-import org.opensaml.saml.saml2.core.NameID;
->>>>>>> e81610d... Allow setting the security context up with a SAML 1.1 assertion
public final class SAMLUtils {
private static final Logger LOG =
@@ -57,22 +53,8 @@ public final class SAMLUtils {
}
public static Subject getSubject(Message message, SamlAssertionWrapper assertionW) {
-<<<<<<< HEAD
- org.opensaml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
- Subject subject = new Subject();
- NameID nameId = s.getNameID();
- subject.setNameQualifier(nameId.getNameQualifier());
- // if format is transient then we may need to use STSClient
- // to request an alternate name from IDP
- subject.setNameFormat(nameId.getFormat());
-
- subject.setName(nameId.getValue());
- subject.setSpId(nameId.getSPProvidedID());
- subject.setSpQualifier(nameId.getSPNameQualifier());
- return subject;
-=======
if (assertionW.getSaml2() != null) {
- org.opensaml.saml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
+ org.opensaml.saml2.core.Subject s = assertionW.getSaml2().getSubject();
Subject subject = new Subject();
NameID nameId = s.getNameID();
subject.setNameQualifier(nameId.getNameQualifier());
@@ -85,7 +67,7 @@ public final class SAMLUtils {
subject.setSpQualifier(nameId.getSPNameQualifier());
return subject;
} else if (assertionW.getSaml1() != null) {
- org.opensaml.saml.saml1.core.Subject s = getSaml1Subject(assertionW);
+ org.opensaml.saml1.core.Subject s = getSaml1Subject(assertionW);
if (s != null) {
Subject subject = new Subject();
NameIdentifier nameId = s.getNameIdentifier();
@@ -94,16 +76,16 @@ public final class SAMLUtils {
// to request an alternate name from IDP
subject.setNameFormat(nameId.getFormat());
- subject.setName(nameId.getValue());
+ subject.setName(nameId.getNameIdentifier());
return subject;
}
}
return null;
}
- private static org.opensaml.saml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
- for (Statement stmt : ((org.opensaml.saml.saml1.core.Assertion)assertionW.getSaml1()).getStatements()) {
- org.opensaml.saml.saml1.core.Subject samlSubject = null;
+ private static org.opensaml.saml1.core.Subject getSaml1Subject(SamlAssertionWrapper assertionW) {
+ for (Statement stmt : ((org.opensaml.saml1.core.Assertion)assertionW.getSaml1()).getStatements()) {
+ org.opensaml.saml1.core.Subject samlSubject = null;
if (stmt instanceof AttributeStatement) {
AttributeStatement attrStmt = (AttributeStatement) stmt;
samlSubject = attrStmt.getSubject();
@@ -120,7 +102,6 @@ public final class SAMLUtils {
}
}
return null;
->>>>>>> e81610d... Allow setting the security context up with a SAML 1.1 assertion
}
public static SamlAssertionWrapper createAssertion(Message message) throws Fault {