cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1309334 - in /cxf/trunk/services/sts/sts-core/src: main/java/org/apache/cxf/sts/token/validator/ test/java/org/apache/cxf/sts/cache/
Date Wed, 04 Apr 2012 11:26:17 GMT
Author: coheigea
Date: Wed Apr  4 11:26:16 2012
New Revision: 1309334

URL: http://svn.apache.org/viewvc?rev=1309334&view=rev
Log:
[CXF-4219] - Fixed a failing test in the STS
 - Also enabled caching of validated SAML and UsernameTokens

Modified:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
    cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/SAMLTokenValidator.java
Wed Apr  4 11:26:16 2012
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.sts.token.validator;
 
+import java.security.Principal;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -220,6 +221,13 @@ public class SAMLTokenValidator implemen
                 return response;
             }
             
+            // Store the successfully validated token in the cache
+            if (secToken == null) {
+                storeTokenInCache(
+                    tokenParameters.getTokenStore(), assertion, tokenParameters.getPrincipal()
+                );
+            }
+            
             // Add the AssertionWrapper to the properties, as the claims are required to
be transformed
             Map<String, Object> addProps = new HashMap<String, Object>();
             addProps.put(AssertionWrapper.class.getName(), assertion);
@@ -296,4 +304,30 @@ public class SAMLTokenValidator implemen
         }
         return true;
     }
+    
+    protected void storeTokenInCache(
+        TokenStore tokenStore, 
+        AssertionWrapper assertion, 
+        Principal principal
+    ) throws WSSecurityException {
+        // Store the successfully validated token in the cache
+        byte[] signatureValue = assertion.getSignatureValue();
+        if (tokenStore != null && signatureValue != null && signatureValue.length
> 0) {
+            DateTime validTill = null;
+            if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
+                validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
+            } else {
+                validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
+            }
+            
+            SecurityToken securityToken = new SecurityToken(assertion.getId(), null, validTill.toDate());
+            securityToken.setToken(assertion.getElement());
+            securityToken.setPrincipal(principal);
+
+            int hash = Arrays.hashCode(signatureValue);
+            securityToken.setTokenHash(hash);
+            String identifier = Integer.toString(hash);
+            tokenStore.add(identifier, securityToken);
+        }
+    }
 }

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/UsernameTokenValidator.java
Wed Apr  4 11:26:16 2012
@@ -202,6 +202,16 @@ public class UsernameTokenValidator impl
                 }
             }
             
+            // Store the successfully validated token in the cache
+            if (tokenParameters.getTokenStore() != null && secToken == null) {
+                secToken = new SecurityToken(ut.getID());
+                secToken.setToken(ut.getElement());
+                int hashCode = ut.hashCode();
+                String identifier = Integer.toString(hashCode);
+                secToken.setTokenHash(hashCode);
+                tokenParameters.getTokenStore().add(identifier, secToken);
+            }
+            
             response.setPrincipal(principal);
             response.setTokenRealm(tokenRealm);
             validateTarget.setState(STATE.VALID);

Modified: cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java?rev=1309334&r1=1309333&r2=1309334&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/test/java/org/apache/cxf/sts/cache/HazelCastTokenStoreTest.java
Wed Apr  4 11:26:16 2012
@@ -39,14 +39,16 @@ public class HazelCastTokenStoreTest ext
         String key = "key";
         SecurityToken token = new SecurityToken(key);
         store.add(token);
-        assertEquals(token, store.getToken(key));
+        SecurityToken cachedToken = store.getToken(key);
+        assertEquals(token.getId(), cachedToken.getId());
         store.remove(token.getId());
         assertNull(store.getToken(key));
         
         String newKey = "xyz";
         store.add(newKey, token);
         assertNull(store.getToken(key));
-        assertEquals(token, store.getToken(newKey));
+        cachedToken = store.getToken(newKey);
+        assertEquals(key, cachedToken.getId());
         store.remove(newKey);
         assertNull(store.getToken(newKey));
     }



Mime
View raw message