You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ws.apache.org by co...@apache.org on 2011/07/27 17:08:56 UTC

svn commit: r1151492 - /webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java

Author: coheigea
Date: Wed Jul 27 15:08:56 2011
New Revision: 1151492

URL: http://svn.apache.org/viewvc?rev=1151492&view=rev
Log:
[WSS-251] - Only validate a Kerberos BST

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java?rev=1151492&r1=1151491&r2=1151492&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/validate/KerberosTokenValidator.java Wed Jul 27 15:08:56 2011
@@ -30,6 +30,7 @@ import javax.security.auth.login.LoginEx
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.handler.RequestData;
 import org.apache.ws.security.message.token.BinarySecurity;
+import org.apache.ws.security.message.token.KerberosSecurity;
 import org.apache.ws.security.message.token.KerberosServiceAction;
 
 /**
@@ -105,6 +106,11 @@ public class KerberosTokenValidator impl
             throw new WSSecurityException(WSSecurityException.FAILURE, "noCredential");
         }
         
+        BinarySecurity binarySecurity = credential.getBinarySecurityToken();
+        if (!(binarySecurity instanceof KerberosSecurity)) {
+            return credential;
+        }
+        
         // Get a TGT from the KDC using JAAS
         LoginContext loginContext = null;
         try {
@@ -128,7 +134,6 @@ public class KerberosTokenValidator impl
             log.debug("Successfully authenticated to the TGT");
         }
         
-        BinarySecurity binarySecurity = credential.getBinarySecurityToken();
         byte[] token = binarySecurity.getToken();
         
         // Get the service name to use - fall back on the principal