Posted to commits@cxf.apache.org by co...@apache.org on 2012/04/04 13:26:17 UTC
svn commit: r1309334 - in /cxf/trunk/services/sts/sts-core/src:
main/java/org/apache/cxf/sts/token/validator/
test/java/org/apache/cxf/sts/cache/
Author: coheigea
Date: Wed Apr 4 11:26:16 2012
New Revision: 1309334
URL: http://svn.apache.org/viewvc?rev=1309334&view=rev
Log:
[CXF-4219] - Fixed a failing test in the STS
- Also enabled caching of validated SAML and UsernameTokens
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java Wed Apr 4 11:26:16 2012
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.sts.token.validator;
+import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashMap;
@@ -220,6 +221,13 @@ public class SAMLTokenValidator implemen
return response;
}
+ // Store the successfully validated token in the cache
+ if (secToken == null) {
+ storeTokenInCache(
+ tokenParameters.getTokenStore(), assertion, tokenParameters.getPrincipal()
+ );
+ }
+
// Add the AssertionWrapper to the properties, as the claims are required to be transformed
Map<String, Object> addProps = new HashMap<String, Object>();
addProps.put(AssertionWrapper.class.getName(), assertion);
@@ -296,4 +304,30 @@ public class SAMLTokenValidator implemen
}
return true;
}
+
+ protected void storeTokenInCache(
+ TokenStore tokenStore,
+ AssertionWrapper assertion,
+ Principal principal
+ ) throws WSSecurityException {
+ // Store the successfully validated token in the cache
+ byte[] signatureValue = assertion.getSignatureValue();
+ if (tokenStore != null && signatureValue != null && signatureValue.length > 0) {
+ DateTime validTill = null;
+ if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
+ validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
+ } else {
+ validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
+ }
+
+ SecurityToken securityToken = new SecurityToken(assertion.getId(), null, validTill.toDate());
+ securityToken.setToken(assertion.getElement());
+ securityToken.setPrincipal(principal);
+
+ int hash = Arrays.hashCode(signatureValue);
+ securityToken.setTokenHash(hash);
+ String identifier = Integer.toString(hash);
+ tokenStore.add(identifier, securityToken);
+ }
+ }
}
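Review bot: The cache identifier in `storeTokenInCache` is `Integer.toString(Arrays.hashCode(signatureValue))`, a 32-bit non-cryptographic hash, so distinct assertions can map to the same entry; the UsernameTokenValidator hunk does the same with `ut.hashCode()`. The lookup side is outside this diff, but if a hit on that key is taken as proof of earlier validation, a colliding token would inherit another token's validated state without its signature or trust checks being run. Key the entry on a SHA-256 digest of the signature bytes, or on a hit compare the cached assertion's full signature value before trusting it. Separately, `getConditions()` and `getNotOnOrAfter()` can presumably return null for an assertion that carries no Conditions element, in which case `validTill.toDate()` throws after the token has already passed validation; check both for null and skip the cache write when there is no expiry.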
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java Wed Apr 4 11:26:16 2012
@@ -202,6 +202,16 @@ public class UsernameTokenValidator impl
}
}
+ // Store the successfully validated token in the cache
+ if (tokenParameters.getTokenStore() != null && secToken == null) {
+ secToken = new SecurityToken(ut.getID());
+ secToken.setToken(ut.getElement());
+ int hashCode = ut.hashCode();
+ String identifier = Integer.toString(hashCode);
+ secToken.setTokenHash(hashCode);
+ tokenParameters.getTokenStore().add(identifier, secToken);
+ }
+
response.setPrincipal(principal);
response.setTokenRealm(tokenRealm);
validateTarget.setState(STATE.VALID);
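Review bot: The cached entry is built with `new SecurityToken(ut.getID())` and no expiry, so how long a validated username/password stays trusted depends entirely on the token store's default lifetime, and a password change or account lock would presumably not take effect until the entry is evicted. The SAML path in this commit uses the three-argument form `new SecurityToken(id, null, expires)`; doing the same here with a short, explicit expiry would bound that window. The entry also carries no principal, unlike the SAML path's `securityToken.setPrincipal(principal)`; adding `secToken.setPrincipal(principal);` before the `add` call would keep the two validators consistent. The enclosing method starts and ends outside the hunk.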
Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java Wed Apr 4 11:26:16 2012
@@ -39,14 +39,16 @@ public class HazelCastTokenStoreTest ext
String key = "key";
SecurityToken token = new SecurityToken(key);
store.add(token);
- assertEquals(token, store.getToken(key));
+ SecurityToken cachedToken = store.getToken(key);
+ assertEquals(token.getId(), cachedToken.getId());
store.remove(token.getId());
assertNull(store.getToken(key));
String newKey = "xyz";
store.add(newKey, token);
assertNull(store.getToken(key));
- assertEquals(token, store.getToken(newKey));
+ cachedToken = store.getToken(newKey);
+ assertEquals(key, cachedToken.getId());
store.remove(newKey);
assertNull(store.getToken(newKey));
}
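Review bot: `cachedToken.getId()` is dereferenced without a null check at both lookups, so a cache miss surfaces as a NullPointerException rather than an assertion failure; add `assertNotNull(cachedToken);` after each `store.getToken(...)` call. The first comparison uses `token.getId()` and the second uses `key`; using the same expected expression in both would make it clearer that the id must survive the store round-trip under a different cache key.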