You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/06/26 16:27:45 UTC
[2/4] git commit: Fixing problem with IssuedToken policy validation
Fixing problem with IssuedToken policy validation
Conflicts:
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b3cfe659
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b3cfe659
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b3cfe659
Branch: refs/heads/2.7.x-fixes
Commit: b3cfe6594d7be3ddd0b914e29c5ada240f97fe59
Parents: 0c0e20a
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Jun 26 15:01:54 2014 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Jun 26 15:22:36 2014 +0100
----------------------------------------------------------------------
.../IssuedTokenInterceptorProvider.java | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b3cfe659/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
index 9d69d17..2c37826 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
@@ -544,12 +544,23 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
if (ais == null) {
return;
}
+<<<<<<< HEAD
+=======
+
+ IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
+ assertIssuedToken(itok, aim);
+
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
if (!isRequestor(message)) {
message.getExchange().remove(SecurityConstants.TOKEN);
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
- parseHandlerResults(results.get(0), message, aim);
+ parseHandlerResults(results.get(0), message, ais);
+ }
+ } else {
+ for (AssertionInfo ai : ais) {
+ ai.setAsserted(true);
}
} else {
//client side should be checked on the way out
@@ -563,14 +574,17 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
private void parseHandlerResults(
WSHandlerResult rResult,
Message message,
- AssertionInfoMap aim
+ Collection<AssertionInfo> issuedAis
) {
List<WSSecurityEngineResult> signedResults =
WSS4JUtils.fetchAllActionResults(rResult.getResults(), WSConstants.SIGN);
IssuedTokenPolicyValidator issuedValidator =
new IssuedTokenPolicyValidator(signedResults, message);
+<<<<<<< HEAD
Collection<AssertionInfo> issuedAis = aim.get(SP12Constants.ISSUED_TOKEN);
+=======
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
for (AssertionWrapper assertionWrapper : findSamlTokenResults(rResult.getResults())) {
boolean valid = issuedValidator.validatePolicy(issuedAis, assertionWrapper);