You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/08/20 11:44:12 UTC
[cxf-fediz] branch 1.4.x-fixes updated (4f6e691 -> 27e3f24)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git.
from 4f6e691 Provide a way of disabling the client address check for SAML SSO
new 1e2c249 Fixing mistake in previous commit
new 27e3f24 Fixing mistake in previous commit
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java | 4 ++--
.../java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java | 6 ++----
plugins/core/src/main/resources/schemas/FedizConfig.xsd | 4 ++--
3 files changed, 6 insertions(+), 8 deletions(-)
[cxf-fediz] 02/02: Fixing mistake in previous commit
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
commit 27e3f24a8f839059edd5e9321117480f03828d68
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Aug 20 12:38:44 2018 +0100
Fixing mistake in previous commit
---
.../src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java | 4 ++--
.../java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java | 4 ++--
plugins/core/src/main/resources/schemas/FedizConfig.xsd | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
index de4997e..ba90548 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/SAMLProtocol.java
@@ -110,7 +110,7 @@ public class SAMLProtocol extends Protocol {
return getSAMLProtocol().getIssuerLogoutURL();
}
- public boolean isCheckClientAddress() {
- return getSAMLProtocol().isCheckClientAddress();
+ public boolean isDisableClientAddressCheck() {
+ return getSAMLProtocol().isDisableClientAddressCheck();
}
}
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
index d92cb1a..1150127 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -333,8 +333,8 @@ public class SAMLProcessorImpl extends AbstractFedizProcessor {
SAMLSSOResponseValidator ssoResponseValidator = new SAMLSSOResponseValidator();
String requestURL = request.getRequestURL().toString();
ssoResponseValidator.setAssertionConsumerURL(requestURL);
- boolean checkClientAddress = ((SAMLProtocol)config.getProtocol()).isCheckClientAddress();
- if (checkClientAddress) {
+ boolean disableClientAddressCheck = ((SAMLProtocol)config.getProtocol()).isDisableClientAddressCheck();
+ if (!disableClientAddressCheck) {
ssoResponseValidator.setClientAddress(request.getRemoteAddr());
}
diff --git a/plugins/core/src/main/resources/schemas/FedizConfig.xsd b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
index 7ffc4d0..fe02f5f 100644
--- a/plugins/core/src/main/resources/schemas/FedizConfig.xsd
+++ b/plugins/core/src/main/resources/schemas/FedizConfig.xsd
@@ -169,7 +169,7 @@
<xs:element ref="signRequest" />
<xs:element ref="authnRequestBuilder" />
<xs:element ref="disableDeflateEncoding" />
- <xs:element ref="checkClientAddress" />
+ <xs:element ref="disableClientAddressCheck" />
<xs:element ref="doNotEnforceKnownIssuer" />
<xs:element ref="issuerLogoutURL" />
</xs:sequence>
@@ -189,7 +189,7 @@
<xs:element name="disableDeflateEncoding" type="xs:boolean" />
<xs:element name="doNotEnforceKnownIssuer" type="xs:boolean" />
<xs:element name="issuerLogoutURL" type="xs:string" />
- <xs:element name="checkClientAddress" type="xs:boolean" default="true"/>
+ <xs:element name="disableClientAddressCheck" type="xs:boolean"/>
<xs:complexType name="protocolType" abstract="true">
<xs:sequence>
[cxf-fediz] 01/02: Fixing mistake in previous commit
Posted by co...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
commit 1e2c249dcdd12190adb244bf7ca9f54f9bf2b83a
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Aug 20 12:38:44 2018 +0100
Fixing mistake in previous commit
---
.../java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java | 2 --
1 file changed, 2 deletions(-)
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
index 901e659..d92cb1a 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -338,8 +338,6 @@ public class SAMLProcessorImpl extends AbstractFedizProcessor {
ssoResponseValidator.setClientAddress(request.getRemoteAddr());
}
- ssoResponseValidator.setClientAddress(request.getRemoteAddr());
-
boolean doNotEnforceKnownIssuer =
((SAMLProtocol)config.getProtocol()).isDoNotEnforceKnownIssuer();
ssoResponseValidator.setEnforceKnownIssuer(!doNotEnforceKnownIssuer);