cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1236649 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Date Fri, 27 Jan 2012 12:23:12 GMT
Author: coheigea
Date: Fri Jan 27 12:23:11 2012
New Revision: 1236649

URL: http://svn.apache.org/viewvc?rev=1236649&view=rev
Log:
Enforcing that only one Timestamp is allowed per security header

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java?rev=1236649&r1=1236648&r2=1236649&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Fri Jan 27 12:23:11 2012
@@ -74,12 +74,13 @@ public abstract class AbstractBindingPol
         WSSecurityUtil.fetchAllActionResults(results, WSConstants.TS, timestampResults);
         
         // Check whether we received a timestamp and compare it to the policy
-        if (includeTimestamp && timestampResults.isEmpty()) {
-            return false;
-        } else if (!includeTimestamp && !timestampResults.isEmpty()) {
+        if (includeTimestamp && timestampResults.size() != 1) {
             return false;
         } else if (!includeTimestamp) {
-            return true;
+            if (timestampResults.isEmpty()) {
+                return true;
+            }
+            return false;
         }
         
         // At this point we received a (required) Timestamp. Now check that it is integrity
protected.



Mime
View raw message