You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/06/26 17:17:00 UTC
[2/5] git commit: Fixing problem with IssuedToken policy validation
Fixing problem with IssuedToken policy validation
Conflicts:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7c309b52
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7c309b52
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7c309b52
Branch: refs/heads/2.6.x-fixes
Commit: 7c309b52b8d42011cf47c9d76f3e292cf7caf64d
Parents: 33d66d0
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 26 15:01:54 2014 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jun 26 16:06:40 2014 +0100
----------------------------------------------------------------------
.../IssuedTokenInterceptorProvider.java | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7c309b52/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
index 2f5ab2e..fb6697b 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
@@ -498,12 +498,23 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
if (ais == null) {
return;
}
+<<<<<<< HEAD
+=======
+
+ IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
+ assertIssuedToken(itok, aim);
+
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
if (!isRequestor(message)) {
message.getExchange().remove(SecurityConstants.TOKEN);
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
- parseHandlerResults(results.get(0), message, aim);
+ parseHandlerResults(results.get(0), message, ais);
+ }
+ } else {
+ for (AssertionInfo ai : ais) {
+ ai.setAsserted(true);
}
} else {
//client side should be checked on the way out
@@ -517,7 +528,7 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
private void parseHandlerResults(
WSHandlerResult rResult,
Message message,
- AssertionInfoMap aim
+ Collection<AssertionInfo> issuedAis
) {
List<WSSecurityEngineResult> signedResults = new ArrayList<WSSecurityEngineResult>();
WSSecurityUtil.fetchAllActionResults(
@@ -526,7 +537,10 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
IssuedTokenPolicyValidator issuedValidator =
new IssuedTokenPolicyValidator(signedResults, message);
+<<<<<<< HEAD
Collection<AssertionInfo> issuedAis = aim.get(SP12Constants.ISSUED_TOKEN);
+=======
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
for (AssertionWrapper assertionWrapper : findSamlTokenResults(rResult.getResults())) {
boolean valid = issuedValidator.validatePolicy(issuedAis, assertionWrapper);