You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2012/12/06 14:40:02 UTC
svn commit: r1417877 -
/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
Author: coheigea
Date: Thu Dec 6 13:40:01 2012
New Revision: 1417877
URL: http://svn.apache.org/viewvc?rev=1417877&view=rev
Log:
Merged revisions 1417840 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1417840 | coheigea | 2012-12-06 13:24:58 +0000 (Thu, 06 Dec 2012) | 3 lines
[CXF-4679] - STS onBehalfOf validation should throw exception for invalid tokens in issue operation
- Patch applied, thanks
........
Modified:
cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
Modified: cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java?rev=1417877&r1=1417876&r2=1417877&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java (original)
+++ cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java Thu Dec 6 13:40:01 2012
@@ -114,7 +114,8 @@ public class TokenIssueOperation extends
if (tokenResponse == null) {
LOG.fine("No Token Validator has been found that can handle this token");
-
+ } else if (validateTarget.getState().equals(STATE.INVALID)) {
+ throw new STSException("Incoming token is invalid", STSException.REQUEST_FAILED);
} else if (validateTarget.getState().equals(STATE.VALID)) {
processValidToken(providerParameters, validateTarget, tokenResponse);
} else {