You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/05/06 18:28:12 UTC
svn commit: r1100269 -
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Author: coheigea
Date: Fri May 6 16:28:11 2011
New Revision: 1100269
URL: http://svn.apache.org/viewvc?rev=1100269&view=rev
Log:
[CXF-3457] - Service fails to find IssuedToken using SAML bearer subject confirmation
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1100269&r1=1100268&r2=1100269&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Fri May 6 16:28:11 2011
@@ -257,12 +257,9 @@ public class IssuedTokenInterceptorProvi
) {
for (WSSecurityEngineResult wser : wsSecEngineResults) {
Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
- if (actInt.intValue() == WSConstants.ST_SIGNED) {
- AssertionWrapper assertionWrapper =
- (AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- if (assertionWrapper.getSubjectKeyInfo() != null) {
- return wser;
- }
+ if (actInt.intValue() == WSConstants.ST_SIGNED
+ || actInt.intValue() == WSConstants.ST_UNSIGNED) {
+ return wser;
}
}
return null;
@@ -273,13 +270,15 @@ public class IssuedTokenInterceptorProvi
) {
AssertionWrapper assertionWrapper =
(AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
- SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
-
SecurityToken token = new SecurityToken(assertionWrapper.getId());
- token.setSecret(subjectKeyInfo.getSecret());
- X509Certificate[] certs = subjectKeyInfo.getCerts();
- if (certs != null && certs.length > 0) {
- token.setX509Certificate(certs[0], null);
+
+ SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
+ if (subjectKeyInfo != null) {
+ token.setSecret(subjectKeyInfo.getSecret());
+ X509Certificate[] certs = subjectKeyInfo.getCerts();
+ if (certs != null && certs.length > 0) {
+ token.setX509Certificate(certs[0], null);
+ }
}
if (assertionWrapper.getSaml1() != null) {
token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);