You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2012/12/21 12:40:48 UTC
svn commit: r1424879 - in
/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j:
./ policyvalidators/
Author: coheigea
Date: Fri Dec 21 11:40:48 2012
New Revision: 1424879
URL: http://svn.apache.org/viewvc?rev=1424879&view=rev
Log:
Merged revisions 1424873 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1424873 | coheigea | 2012-12-21 11:34:18 +0000 (Fri, 21 Dec 2012) | 2 lines
[CXF-4716] - Make sure to validate all possible policies of a particular type
........
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java Fri Dec 21 11:40:48 2012
@@ -424,7 +424,6 @@ public class PolicyBasedWSS4JInIntercept
ai.setNotAsserted("No " + type
+ " element found matching one of the XPaths "
+ Arrays.toString(xpaths.toArray()));
- return false;
}
}
}
@@ -459,7 +458,7 @@ public class PolicyBasedWSS4JInIntercept
}
} catch (WSSecurityException e) {
ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
- return false;
+ continue;
}
}
@@ -470,7 +469,6 @@ public class PolicyBasedWSS4JInIntercept
CoverageScope.ELEMENT);
} catch (WSSecurityException e) {
ai.setNotAsserted(h.getQName() + " not + " + type);
- return false;
}
}
}
@@ -864,7 +862,6 @@ public class PolicyBasedWSS4JInIntercept
if (header == null
|| DOMUtils.getFirstChildWithName((Element)header, h.getQName()) == null) {
ai.setNotAsserted("No header element of name " + h.getQName() + " found.");
- return false;
}
}
}
@@ -888,11 +885,9 @@ public class PolicyBasedWSS4JInIntercept
XPathConstants.NODESET);
if (list.getLength() == 0) {
ai.setNotAsserted("No header element matching XPath " + expression + " found.");
- return false;
}
} catch (XPathExpressionException e) {
ai.setNotAsserted("Invalid XPath expression " + expression + " " + e.getMessage());
- return false;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -69,17 +69,17 @@ public class AsymmetricBindingPolicyVali
// Check the protection order
if (!checkProtectionOrder(binding, ai, results)) {
- return false;
+ continue;
}
// Check various properties of the binding
if (!checkProperties(binding, ai, aim, results, signedResults, message)) {
- return false;
+ continue;
}
// Check various tokens of the binding
if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults, encryptedResults)) {
- return false;
+ continue;
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class ConcreteSupportingTokenPoli
ai.setNotAsserted(
"The received token does not match the supporting token requirement"
);
- return false;
+ continue;
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class EncryptedTokenPolicyValidat
ai.setNotAsserted(
"The received token does not match the encrypted supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -120,7 +120,7 @@ public class EndorsingEncryptedTokenPoli
"The received token does not match the endorsing encrypted "
+ "supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class EndorsingTokenPolicyValidat
ai.setNotAsserted(
"The received token does not match the endorsing supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -76,13 +76,13 @@ public class IssuedTokenPolicyValidator
ai.setNotAsserted(
"The received token does not match the token inclusion requirement"
);
- return false;
+ continue;
}
Element template = issuedToken.getRstTemplate();
if (template != null && !checkIssuedTokenTemplate(template, assertionWrapper)) {
ai.setNotAsserted("Error in validating the IssuedToken policy");
- return false;
+ continue;
}
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
@@ -92,7 +92,7 @@ public class IssuedTokenPolicyValidator
}
if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
ai.setNotAsserted("Assertion fails holder-of-key requirements");
- return false;
+ continue;
}
}
return true;
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -58,7 +58,7 @@ public class KerberosTokenPolicyValidato
if (!checkToken(kerberosTokenPolicy, kerberosToken)) {
ai.setNotAsserted("An incorrect Kerberos Token Type is detected");
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -78,7 +78,7 @@ public class SamlTokenPolicyValidator ex
ai.setNotAsserted(
"The received token does not match the token inclusion requirement"
);
- return false;
+ continue;
}
// All of the received SAML Assertions must conform to the policy
@@ -88,7 +88,7 @@ public class SamlTokenPolicyValidator ex
if (!checkVersion(samlToken, assertionWrapper)) {
ai.setNotAsserted("Wrong SAML Version");
- return false;
+ continue;
}
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
Certificate[] tlsCerts = null;
@@ -97,11 +97,11 @@ public class SamlTokenPolicyValidator ex
}
if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
ai.setNotAsserted("Assertion fails holder-of-key requirements");
- return false;
+ continue;
}
if (!SAMLUtils.checkSenderVouches(assertionWrapper, tlsCerts, body, signed)) {
ai.setNotAsserted("Assertion fails sender-vouches requirements");
- return false;
+ continue;
}
/*
if (!checkIssuerName(samlToken, assertionWrapper)) {
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class SecurityContextTokenPolicyV
ai.setNotAsserted(
"The received token does not match the token inclusion requirement"
);
- return false;
+ continue;
}
}
return true;
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -116,7 +116,7 @@ public class SignedEncryptedTokenPolicyV
ai.setNotAsserted(
"The received token does not match the signed encrypted supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -121,7 +121,7 @@ public class SignedEndorsingEncryptedTok
"The received token does not match the signed endorsing encrypted "
+ "supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class SignedEndorsingTokenPolicyV
ai.setNotAsserted(
"The received token does not match the signed endorsing supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class SignedTokenPolicyValidator
ai.setNotAsserted(
"The received token does not match the signed supporting token requirement"
);
- return false;
+ continue;
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -65,17 +65,17 @@ public class SymmetricBindingPolicyValid
// Check the protection order
if (!checkProtectionOrder(binding, ai, results)) {
- return false;
+ continue;
}
// Check various properties of the binding
if (!checkProperties(binding, ai, aim, results, signedResults, message)) {
- return false;
+ continue;
}
// Check various tokens of the binding
if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults, encryptedResults)) {
- return false;
+ continue;
}
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -62,7 +62,7 @@ public class TransportBindingPolicyValid
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
if (!initiator && tlsInfo == null) {
ai.setNotAsserted("TLS is not enabled");
- return false;
+ continue;
}
// HttpsToken is validated by the HttpsTokenInterceptorProvider
@@ -75,7 +75,7 @@ public class TransportBindingPolicyValid
String error = "Received Timestamp does not match the requirements";
notAssertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP, error);
ai.setNotAsserted(error);
- return false;
+ continue;
}
assertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP);
@@ -87,7 +87,7 @@ public class TransportBindingPolicyValid
String error = "Layout does not match the requirements";
notAssertPolicy(aim, SP12Constants.LAYOUT, error);
ai.setNotAsserted(error);
- return false;
+ continue;
}
assertPolicy(aim, SP12Constants.LAYOUT);
}
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -69,11 +69,11 @@ public class UsernameTokenPolicyValidato
ai.setNotAsserted(
"The received token does not match the token inclusion requirement"
);
- return false;
+ continue;
}
if (!checkTokens(usernameTokenPolicy, ai, utResults)) {
- return false;
+ continue;
}
}
return true;
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class WSS11PolicyValidator implem
ai.setNotAsserted(
"Signature Confirmation policy validation failed"
);
- return false;
+ continue;
}
}
return true;
Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java (original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java Fri Dec 21 11:40:48 2012
@@ -71,12 +71,12 @@ public class X509TokenPolicyValidator ex
ai.setNotAsserted(
"The received token does not match the token inclusion requirement"
);
- return false;
+ continue;
}
if (!checkTokenType(x509TokenPolicy.getTokenVersionAndType(), bstResults)) {
ai.setNotAsserted("An incorrect X.509 Token Type is detected");
- return false;
+ continue;
}
}
return true;