You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2014/01/23 11:33:45 UTC

svn commit: r1560622 - /cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Author: coheigea
Date: Thu Jan 23 10:33:44 2014
New Revision: 1560622

URL: http://svn.apache.org/r1560622
Log:
Merged revisions 1560621 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1560621 | coheigea | 2014-01-23 10:31:49 +0000 (Thu, 23 Jan 2014) | 2 lines

  Make sure a BinarySecurityToken was processed by a WSS4J Validator before checking against the IssuedToken policy

........

Modified:
    cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java

Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1560622&r1=1560621&r2=1560622&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Thu Jan 23 10:33:44 2014
@@ -589,7 +589,8 @@ public class IssuedTokenInterceptorProvi
             List<BinarySecurity> results = new ArrayList<BinarySecurity>();
             for (WSSecurityEngineResult wser : wsSecEngineResults) {
                 Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
-                if (actInt.intValue() == WSConstants.BST) {
+                if (actInt.intValue() == WSConstants.BST 
+                    && Boolean.TRUE.equals(wser.get(WSSecurityEngineResult.TAG_VALIDATED_TOKEN))) {
                     results.add((BinarySecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN));
                 }
             }