You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@cxf.apache.org by Aki Yoshida <el...@gmail.com> on 2013/03/14 14:25:09 UTC

Re: svn commit: r1455859 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java

Hi Colm,

I think the old expired token needs to be removed from the cache.

so instead of
-                if (tok == null) {
+                if (tok == null || !tok.isExpired()) {

shouldn't we have something like?

                 if (tokId != null) {
                     tok =
NegotiationUtils.getTokenStore(message).getToken(tokId);
+                    if (tok != null && tok.isExpired()) {
+
message.getExchange().get(Endpoint.class).remove(SecurityConstants.TOKEN_ID);
+
message.getExchange().remove(SecurityConstants.TOKEN_ID);
+
NegotiationUtils.getTokenStore(message).remove(tok.getId());
+                        tok = null;
+                    }
                 }
                 if (tok == null) {
                     tok = issueToken(message, aim);

regards, aki



2013/3/13  <co...@apache.org>:
> Author: coheigea
> Date: Wed Mar 13 10:09:32 2013
> New Revision: 1455859
>
> URL: http://svn.apache.org/r1455859
> Log:
> Get a new SPNEGO token on expiry
>
> Modified:
>     cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
>
> Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java
> URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java?rev=1455859&r1=1455858&r2=1455859&view=diff
> ==============================================================================
> --- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java (original)
> +++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SpnegoContextTokenOutInterceptor.java Wed Mar 13 10:09:32 2013
> @@ -61,7 +61,7 @@ class SpnegoContextTokenOutInterceptor e
>                  if (tokId != null) {
>                      tok = NegotiationUtils.getTokenStore(message).getToken(tokId);
>                  }
> -                if (tok == null) {
> +                if (tok == null || !tok.isExpired()) {
>                      tok = issueToken(message, aim);
>                  }
>                  if (tok != null) {
>
>