You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/01/12 17:01:13 UTC
cxf-fediz git commit: [FEDIZ-140] - IDP caches outdated SAML Tokens
Repository: cxf-fediz
Updated Branches:
refs/heads/master db74b690c -> f46137383
[FEDIZ-140] - IDP caches outdated SAML Tokens
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f4613738
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f4613738
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f4613738
Branch: refs/heads/master
Commit: f46137383305dd76428da60bd9b2e613815cd694
Parents: db74b69
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jan 12 15:48:34 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jan 12 15:48:34 2016 +0000
----------------------------------------------------------------------
pom.xml | 2 +-
.../cxf/fediz/service/idp/beans/WfreshParser.java | 17 ++++++++++++++++-
services/oidc/pom.xml | 3 ---
3 files changed, 17 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f4613738/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 7561533..5c45967 100644
--- a/pom.xml
+++ b/pom.xml
@@ -40,7 +40,7 @@
<apacheds.version>2.0.0-M20</apacheds.version>
<commons.lang.version>3.4</commons.lang.version>
<commons.logging.version>1.2</commons.logging.version>
- <cxf.version>3.1.4</cxf.version>
+ <cxf.version>3.1.5-SNAPSHOT</cxf.version>
<cxf.build-utils.version>3.1.0</cxf.build-utils.version>
<easymock.version>3.4</easymock.version>
<ecj.version>4.4.2</ecj.version>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f4613738/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
index cc2ef2f..3fba1c8 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
@@ -34,13 +34,14 @@ public class WfreshParser {
private static final Logger LOG = LoggerFactory
.getLogger(WfreshParser.class);
+ private boolean tokenExpirationValidation = true;
public boolean authenticationRequired(String wfresh, String whr, RequestContext context)
throws Exception {
SecurityToken idpToken =
(SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr);
- if (idpToken.isExpired()) {
+ if (tokenExpirationValidation && idpToken.isExpired()) {
LOG.info("[IDP_TOKEN=" + idpToken.getId() + "] is expired.");
return true;
}
@@ -80,4 +81,18 @@ public class WfreshParser {
return false;
}
+ public boolean isTokenExpirationValidation() {
+ return tokenExpirationValidation;
+ }
+
+ /**
+ * Set whether the token validation (e.g. lifetime) shall be performed on every request (true) or only
+ * once at initial authentication (false). The default is "true" (note that the plugins default for this
+ * configuration option is "true").
+ * @param tokenExpirationValidation Whether to perform token expiration validation per request
+ */
+ public void setTokenExpirationValidation(boolean tokenExpirationValidation) {
+ this.tokenExpirationValidation = tokenExpirationValidation;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f4613738/services/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/services/oidc/pom.xml b/services/oidc/pom.xml
index 8f15b71..bc9a73c 100644
--- a/services/oidc/pom.xml
+++ b/services/oidc/pom.xml
@@ -28,9 +28,6 @@
<artifactId>fediz-oidc</artifactId>
<name>Apache Fediz OIDC</name>
<packaging>war</packaging>
- <properties>
- <cxf.version>3.1.5-SNAPSHOT</cxf.version>
- </properties>
<dependencies>
<dependency>
<groupId>junit</groupId>