You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2022/02/03 11:15:57 UTC

[cxf] 01/02: [CXF-8648] Make ClaimsAuthorizingInterceptor configurable in ClaimsAuthorizingFilter (#899)

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.5.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit e7f7b2154ed9f5668a62a7e99f862ca1aef7cd43
Author: Oliver Wulff <73...@users.noreply.github.com>
AuthorDate: Thu Feb 3 12:14:24 2022 +0100

    [CXF-8648] Make ClaimsAuthorizingInterceptor configurable in ClaimsAuthorizingFilter (#899)
    
    (cherry picked from commit c76c75b412bff06cee025f472bc2d813f37cb63f)
---
 .../apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java  | 13 +++++++++++--
 .../systest/jaxrs/security/jose/jwt/authn-authz-server.xml  |  8 ++++++--
 .../apache/cxf/systest/jaxrs/security/saml/secureServer.xml |  5 ++++-
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java
index b19d269..c7a64ec 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java
@@ -33,7 +33,15 @@ import org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingIntercepto
 
 public class ClaimsAuthorizingFilter implements ContainerRequestFilter {
 
-    private ClaimsAuthorizingInterceptor interceptor = new ClaimsAuthorizingInterceptor();
+    private ClaimsAuthorizingInterceptor interceptor;
+
+    public ClaimsAuthorizingFilter() {
+        this.interceptor = new ClaimsAuthorizingInterceptor();
+    }
+
+    public ClaimsAuthorizingFilter(ClaimsAuthorizingInterceptor interceptor) {
+        this.interceptor = interceptor;
+    }
 
     @Override
     public void filter(ContainerRequestContext context) {
@@ -45,13 +53,14 @@ public class ClaimsAuthorizingFilter implements ContainerRequestFilter {
         }
     }
 
+    @Deprecated()
     public void setClaims(Map<String, List<ClaimBean>> claimsMap) {
         interceptor.setClaims(claimsMap);
     }
 
+    @Deprecated()
     public void setSecuredObject(Object securedObject) {
         interceptor.setSecuredObject(securedObject);
     }
 
-
 }
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml
index c12840c..40df2ad 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml
@@ -77,10 +77,14 @@ under the License.
            </map>
        </property> 
     </bean>
-    
-    <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter">
+
+    <bean id="claimsInterceptor" class="org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor">
         <property name="securedObject" ref="serviceBean"/>
     </bean>
+
+    <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter">
+        <constructor-arg ref="claimsInterceptor"/>
+    </bean>
     
     <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt-authn-authz}/signedjwtauthz">
         <jaxrs:serviceBeans>
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml
index 3c5118a..a56ebd3 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml
@@ -48,9 +48,12 @@ under the License.
     <bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.saml.SecureBookStore"/>
     <bean id="serviceBeanClaims" class="org.apache.cxf.systest.jaxrs.security.saml.SecureClaimBookStore"/>
     <bean id="samlEnvHandler" class="org.apache.cxf.rs.security.saml.SamlEnvelopedInHandler"/>
-    <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter">
+    <bean id="claimsInterceptor" class="org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor">
         <property name="securedObject" ref="serviceBeanClaims"/>
     </bean>
+    <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter">
+        <constructor-arg ref="claimsInterceptor"/>
+    </bean>
     <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
         <property name="securedObject" ref="serviceBean"/>
     </bean>