cxf-commits mailing list archives

From cohei...@apache.org
Subject svn commit: r1203672 - /cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
Date Fri, 18 Nov 2011 14:38:21 GMT
Author: coheigea
Date: Fri Nov 18 14:38:21 2011
New Revision: 1203672

URL: http://svn.apache.org/viewvc?rev=1203672&view=rev
Log:
[CXF-3923] - Support for OnBehalfOf in SAMLTokenProvider
 - Patch applied, thanks.

Modified:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java?rev=1203672&r1=1203671&r2=1203672&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
Fri Nov 18 14:38:21 2011
@@ -30,14 +30,17 @@ import org.apache.cxf.common.logging.Log
 import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.request.KeyRequirements;
+import org.apache.cxf.sts.request.ReceivedToken;
 import org.apache.cxf.sts.request.TokenRequirements;
 import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
+import org.apache.ws.security.SAMLTokenPrincipal;
 import org.apache.ws.security.WSConstants;
 import org.apache.ws.security.WSSecurityException;
 import org.apache.ws.security.components.crypto.Crypto;
 import org.apache.ws.security.components.crypto.CryptoType;
 import org.apache.ws.security.message.WSSecEncryptedKey;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
 import org.apache.ws.security.saml.ext.bean.KeyInfoBean;
 import org.apache.ws.security.saml.ext.bean.KeyInfoBean.CERT_IDENTIFIER;
 import org.apache.ws.security.saml.ext.bean.SubjectBean;
@@ -78,7 +81,23 @@ public class DefaultSubjectProvider impl
         String keyType = keyRequirements.getKeyType();
         String confirmationMethod = getSubjectConfirmationMethod(tokenType, keyType);
         
-        Principal principal = providerParameters.getPrincipal();
+        Principal principal = null;
+        ReceivedToken receivedToken = providerParameters.getTokenRequirements().getOnBehalfOf();
+        //[TODO] ActAs support
+        if (receivedToken != null && receivedToken.isDOMElement()) {
+            LOG.fine("Received token is DOM element: " + receivedToken.isDOMElement());
+            Element receivedTokenElement = (Element)receivedToken.getToken();
+            try {
+                AssertionWrapper assertion = new AssertionWrapper(receivedTokenElement);
+                principal = new SAMLTokenPrincipal(assertion);
+            } catch (WSSecurityException e) {
+                LOG.log(Level.WARNING, "Failed to parse OnBehalfOf element", e);
+                throw new STSException("Unknown OnBehalfOf element", STSException.REQUEST_FAILED);
+            }
+        } else {
+            principal = providerParameters.getPrincipal();
+        }
+        
         SubjectBean subjectBean = 
             new SubjectBean(principal.getName(), subjectNameQualifier, confirmationMethod);
         LOG.fine("Creating new subject with principal name: " + principal.getName());
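Review bot: The subject of the issued token is now taken from the OnBehalfOf assertion, but nothing in this hunk checks that the assertion is trusted: `new AssertionWrapper(receivedTokenElement)` only parses the element, so the `WSSecurityException` branch signals malformed input rather than a failed signature or trust check. Unless the request pipeline validates the OnBehalfOf token (signature, issuer trust, validity conditions) before this provider runs, which is not visible here, the STS would vouch for whatever name the assertion carries. I would gate this branch on that validation result, or at least document the assumption above the `if`, e.g. `// OnBehalfOf assertion must already have been validated (signature, issuer, conditions) before this point`. A non-DOM OnBehalfOf token also falls through silently to `providerParameters.getPrincipal()`, so the token is issued for the caller instead of the request being rejected, and the `LOG.fine` inside the branch always prints `true`. The enclosing method starts and ends outside the hunk.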


