You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/05/06 18:28:12 UTC

svn commit: r1100269 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Author: coheigea
Date: Fri May  6 16:28:11 2011
New Revision: 1100269

URL: http://svn.apache.org/viewvc?rev=1100269&view=rev
Log:
[CXF-3457] - Service fails to find IssuedToken using SAML bearer subject confirmation

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1100269&r1=1100268&r2=1100269&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Fri May  6 16:28:11 2011
@@ -257,12 +257,9 @@ public class IssuedTokenInterceptorProvi
         ) {
             for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
-                if (actInt.intValue() == WSConstants.ST_SIGNED) {
-                    AssertionWrapper assertionWrapper = 
-                        (AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
-                    if (assertionWrapper.getSubjectKeyInfo() != null) {
-                        return wser;
-                    }
+                if (actInt.intValue() == WSConstants.ST_SIGNED
+                    || actInt.intValue() == WSConstants.ST_UNSIGNED) {
+                    return wser;
                 }
             }
             return null;
@@ -273,13 +270,15 @@ public class IssuedTokenInterceptorProvi
         ) {
             AssertionWrapper assertionWrapper = 
                 (AssertionWrapper)wser.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
-            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
-            
             SecurityToken token = new SecurityToken(assertionWrapper.getId());
-            token.setSecret(subjectKeyInfo.getSecret());
-            X509Certificate[] certs = subjectKeyInfo.getCerts();
-            if (certs != null && certs.length > 0) {
-                token.setX509Certificate(certs[0], null);
+            
+            SAMLKeyInfo subjectKeyInfo = assertionWrapper.getSubjectKeyInfo();
+            if (subjectKeyInfo != null) {
+                token.setSecret(subjectKeyInfo.getSecret());
+                X509Certificate[] certs = subjectKeyInfo.getCerts();
+                if (certs != null && certs.length > 0) {
+                    token.setX509Certificate(certs[0], null);
+                }
             }
             if (assertionWrapper.getSaml1() != null) {
                 token.setTokenType(WSConstants.WSS_SAML_TOKEN_TYPE);