You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2013/06/14 17:31:19 UTC

svn commit: r1493119 - /cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java

Author: coheigea
Date: Fri Jun 14 15:31:18 2013
New Revision: 1493119

URL: http://svn.apache.org/r1493119
Log:
Merged revisions 1493108 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1493108 | coheigea | 2013-06-14 16:12:19 +0100 (Fri, 14 Jun 2013) | 2 lines

  [CXF-5056] - EndorsingSupportingTokens with both transport security and message layer security applied

........

Modified:
    cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java

Modified: cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java?rev=1493119&r1=1493118&r2=1493119&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java (original)
+++ cxf/branches/2.7.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java Fri Jun 14 15:31:18 2013
@@ -468,10 +468,14 @@ public abstract class AbstractSupporting
      * @return true if the endorsed supporting token policy is correct
      */
     private boolean checkEndorsed(List<WSSecurityEngineResult> tokenResults) {
+        boolean endorsingSatisfied = false;
         if (isTLSInUse()) {
-            return checkTimestampIsSigned(tokenResults);
+            endorsingSatisfied = checkTimestampIsSigned(tokenResults);
         }
-        return checkSignatureIsSigned(tokenResults);
+        if (!endorsingSatisfied) {
+            endorsingSatisfied = checkSignatureIsSigned(tokenResults);
+        }
+        return endorsingSatisfied;
     }