You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2017/03/29 10:52:17 UTC
cxf git commit: Making sure XmlSec/Sig/Enc in interceptors do not run
on the client side unless the response code is 200
Repository: cxf
Updated Branches:
refs/heads/master 2ea81b5f7 -> be2bf8d64
Making sure XmlSec/Sig/Enc in interceptors do not run on the client side unless the response code is 200
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/be2bf8d6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/be2bf8d6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/be2bf8d6
Branch: refs/heads/master
Commit: be2bf8d644887fc1853210b9b82db897c4d73dd0
Parents: 2ea81b5
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Mar 29 11:52:01 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Mar 29 11:52:01 2017 +0100
----------------------------------------------------------------------
.../rs/security/xml/AbstractXmlSecInHandler.java | 17 +++++++++++++----
.../cxf/rs/security/xml/XmlSecInInterceptor.java | 18 +++++++++++++++---
2 files changed, 28 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/be2bf8d6/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
index 24bac79..3ae5e02 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
@@ -34,6 +34,7 @@ import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamReader;
import org.apache.wss4j.common.crypto.WSProviderConfig;
@@ -70,11 +71,14 @@ public abstract class AbstractXmlSecInHandler {
}
protected Document getDocument(Message message) {
- String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
- if ("GET".equals(method)) {
+ if (isServerGet(message)) {
return null;
+ } else {
+ Integer responseCode = (Integer)message.get(Message.RESPONSE_CODE);
+ if (responseCode != null && responseCode != 200) {
+ return null;
+ }
}
-
Document doc = null;
InputStream is = message.getContent(InputStream.class);
if (is != null) {
@@ -94,6 +98,11 @@ public abstract class AbstractXmlSecInHandler {
}
return doc;
}
+
+ protected boolean isServerGet(Message message) {
+ String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
+ return "GET".equals(method) && !MessageUtils.isRequestor(message);
+ }
protected void throwFault(String error, Exception ex) {
StringBuilder log = new StringBuilder(error);
@@ -101,7 +110,7 @@ public abstract class AbstractXmlSecInHandler {
log = log.append(" - ").append(ex.getMessage());
}
LOG.warning(log.toString());
- Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).type("text/plain").build();
throw ExceptionUtils.toBadRequestException(null, response);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/be2bf8d6/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 5730381..e5e45be 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -101,7 +101,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> imple
}
public void handleMessage(Message message) throws Fault {
- if (isServerGet(message)) {
+ if (!canDocumentBeRead(message)) {
return;
}
prepareMessage(message);
@@ -144,6 +144,18 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> imple
}
}
+ private boolean canDocumentBeRead(Message message) {
+ if (isServerGet(message)) {
+ return false;
+ } else {
+ Integer responseCode = (Integer)message.get(Message.RESPONSE_CODE);
+ if (responseCode != null && responseCode != 200) {
+ return false;
+ }
+ }
+ return true;
+ }
+
private boolean isServerGet(Message message) {
String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
return "GET".equals(method) && !MessageUtils.isRequestor(message);
@@ -360,7 +372,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> imple
protected void throwFault(String error, Exception ex) {
LOG.warning(error);
- Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).type("text/plain").build();
throw ExceptionUtils.toBadRequestException(null, response);
}
@@ -446,7 +458,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message> imple
public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException {
Message message = ((ReaderInterceptorContextImpl)ctx).getMessage();
- if (isServerGet(message)) {
+ if (!canDocumentBeRead(message)) {
return ctx.proceed();
} else {
prepareMessage(message);