You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/04/23 12:13:51 UTC
svn commit: r1470873 - in /cxf/trunk/services/sts/sts-core/src:
main/java/org/apache/cxf/sts/operation/AbstractOperation.java
test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
Author: coheigea
Date: Tue Apr 23 10:13:51 2013
New Revision: 1470873
URL: http://svn.apache.org/r1470873
Log:
[CXF-4978] - Only encrypt an issued token if we have a matching key
Modified:
cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java?rev=1470873&r1=1470872&r2=1470873&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java Tue Apr 23 10:13:51 2013
@@ -304,7 +304,8 @@ public abstract class AbstractOperation
name = stsProperties.getEncryptionUsername();
}
if (name == null) {
- throw new STSException("No encryption alias is configured", STSException.REQUEST_FAILED);
+ LOG.fine("No encryption alias is configured");
+ return element;
}
// Get the encryption algorithm to use
Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java?rev=1470873&r1=1470872&r2=1470873&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java (original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java Tue Apr 23 10:13:51 2013
@@ -157,22 +157,19 @@ public class IssueEncryptedUnitTest exte
WrappedMessageContext msgCtx = new WrappedMessageContext(msg);
WebServiceContextImpl webServiceContext = new WebServiceContextImpl(msgCtx);
- // Issue a token - this will fail as the STSProperties has no encryption name specified
- try {
+ // Issue a token - as no encryption name has been specified the token will not be encrypted
+ RequestSecurityTokenResponseCollectionType response =
issueOperation.issue(request, webServiceContext);
- fail("Failure expected on no encryption name");
- } catch (STSException ex) {
- // expected
- }
+ List<RequestSecurityTokenResponseType> securityTokenResponse =
+ response.getRequestSecurityTokenResponse();
+ assertTrue(!securityTokenResponse.isEmpty());
encryptionProperties.setEncryptionName("myservicekey");
service.setEncryptionProperties(encryptionProperties);
- // Issue a token - this should work as the Service is configured with an EncryptionName
- RequestSecurityTokenResponseCollectionType response =
- issueOperation.issue(request, webServiceContext);
- List<RequestSecurityTokenResponseType> securityTokenResponse =
- response.getRequestSecurityTokenResponse();
+ // Issue a (encrypted) token
+ response = issueOperation.issue(request, webServiceContext);
+ securityTokenResponse = response.getRequestSecurityTokenResponse();
assertTrue(!securityTokenResponse.isEmpty());
}