cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1100270 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Date Fri, 06 May 2011 16:28:42 GMT
Author: coheigea
Date: Fri May  6 16:28:42 2011
New Revision: 1100270

URL: http://svn.apache.org/viewvc?rev=1100270&view=rev
Log:
Skip policy checking for SIGNED_PARTS and ENCRYPTED_PARTS when using the Transport Binding

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1100270&r1=1100269&r2=1100270&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Fri May  6 16:28:42 2011
@@ -604,10 +604,18 @@ public class PolicyBasedWSS4JInIntercept
         
         CryptoCoverageUtil.reconcileEncryptedSignedRefs(signed, encrypted);
         
-        assertTokens(aim, SP12Constants.SIGNED_PARTS, signed, msg, soapHeader, soapBody,
CoverageType.SIGNED);
-        assertTokens(
-            aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, soapHeader, soapBody, CoverageType.ENCRYPTED
-        );
+        //
+        // SIGNED_PARTS and ENCRYPTED_PARTS only apply to non-Transport bindings
+        //
+        if (!isTransportBinding(aim)) {
+            assertTokens(
+                aim, SP12Constants.SIGNED_PARTS, signed, msg, soapHeader, soapBody, CoverageType.SIGNED
+            );
+            assertTokens(
+                aim, SP12Constants.ENCRYPTED_PARTS, encrypted, msg, soapHeader, soapBody,

+                CoverageType.ENCRYPTED
+            );
+        }
         Element soapEnvelope = soapHeader.getOwnerDocument().getDocumentElement();
         assertXPathTokens(aim, SP12Constants.SIGNED_ELEMENTS, signed, msg, soapEnvelope,
                 CoverageType.SIGNED, CoverageScope.ELEMENT);
@@ -780,5 +788,21 @@ public class PolicyBasedWSS4JInIntercept
         assertPolicy(aim, SP12Constants.SIGNED_PARTS);
         return true;
     }
+    
+    private boolean isTransportBinding(AssertionInfoMap aim) {
+        Collection<AssertionInfo> ais = aim.get(SP12Constants.TRANSPORT_BINDING);
+        if (ais != null && ais.size() > 0) {
+            ais = aim.get(SP12Constants.SYMMETRIC_BINDING);
+            if (ais != null && ais.size() > 0) {
+                return false;
+            }
+            ais = aim.get(SP12Constants.ASYMMETRIC_BINDING);
+            if (ais != null && ais.size() > 0) {
+                return false;
+            }
+            return true;
+        }
+        return false;
+    }
 
 }



Mime
View raw message