cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1236651 - /cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Date Fri, 27 Jan 2012 12:25:57 GMT
Author: coheigea
Date: Fri Jan 27 12:25:56 2012
New Revision: 1236651

URL: http://svn.apache.org/viewvc?rev=1236651&view=rev
Log:
Enforcing that only one Timestamp is allowed per security header

Modified:
    cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java

Modified: cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java?rev=1236651&r1=1236650&r2=1236651&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
(original)
+++ cxf/branches/2.5.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Fri Jan 27 12:25:56 2012
@@ -74,12 +74,13 @@ public abstract class AbstractBindingPol
         WSSecurityUtil.fetchAllActionResults(results, WSConstants.TS, timestampResults);
         
         // Check whether we received a timestamp and compare it to the policy
-        if (includeTimestamp && timestampResults.isEmpty()) {
-            return false;
-        } else if (!includeTimestamp && !timestampResults.isEmpty()) {
+        if (includeTimestamp && timestampResults.size() != 1) {
             return false;
         } else if (!includeTimestamp) {
-            return true;
+            if (timestampResults.isEmpty()) {
+                return true;
+            }
+            return false;
         }
         
         // At this point we received a (required) Timestamp. Now check that it is integrity
protected.



Mime
View raw message