You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by Aki Yoshida <el...@gmail.com> on 2013/03/14 14:25:09 UTC
Re: svn commit: r1455859 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
Hi Colm,
I think the old expired token needs to be removed from the cache.
so instead of
- if (tok == null) {
+ if (tok == null || !tok.isExpired()) {
shouldn't we have something like?
if (tokId != null) {
tok =
NegotiationUtils.getTokenStore(message).getToken(tokId);
+ if (tok != null && tok.isExpired()) {
+
message.getExchange().get(Endpoint.class).remove(SecurityConstants.TOKEN_ID);
+
message.getExchange().remove(SecurityConstants.TOKEN_ID);
+
NegotiationUtils.getTokenStore(message).remove(tok.getId());
+ tok = null;
+ }
}
if (tok == null) {
tok = issueToken(message, aim);
regards, aki
2013/3/13 <co...@apache.org>:
> Author: coheigea
> Date: Wed Mar 13 10:09:32 2013
> New Revision: 1455859
>
> URL: http://svn.apache.org/r1455859
> Log:
> Get a new SPNEGO token on expiry
>
> Modified:
> cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java?rev=1455859&r1=1455858&r2=1455859&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java (original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java Wed Mar 13 10:09:32 2013
> @@ -61,7 +61,7 @@ class SpnegoContextTokenOutInterceptor e
> if (tokId != null) {
> tok = NegotiationUtils.getTokenStore(message).getToken(tokId);
> }
> - if (tok == null) {
> + if (tok == null || !tok.isExpired()) {
> tok = issueToken(message, aim);
> }
> if (tok != null) {
>
>