cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1330337 - in /cxf/trunk: parent/pom.xml rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
Date Wed, 25 Apr 2012 15:20:13 GMT
Author: coheigea
Date: Wed Apr 25 15:20:13 2012
New Revision: 1330337

URL: http://svn.apache.org/viewvc?rev=1330337&view=rev
Log:
Added a Validator to REST Security module to validate SAML Protocol responses.
 - Upgraded to WSS4J 1.6.6-SNAPSHOT

Modified:
    cxf/trunk/parent/pom.xml
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java

Modified: cxf/trunk/parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/parent/pom.xml?rev=1330337&r1=1330336&r2=1330337&view=diff
==============================================================================
--- cxf/trunk/parent/pom.xml (original)
+++ cxf/trunk/parent/pom.xml Wed Apr 25 15:20:13 2012
@@ -124,7 +124,7 @@
         <cxf.oauth.bundle.version>20100527_1</cxf.oauth.bundle.version>
         <cxf.axiom.version>1.2.10</cxf.axiom.version>
         <cxf.jettison.version>1.3.1</cxf.jettison.version>
-        <cxf.wss4j.version>1.6.5</cxf.wss4j.version>
+        <cxf.wss4j.version>1.6.6-SNAPSHOT</cxf.wss4j.version>
         <cxf.joda.time.version>1.6.2</cxf.joda.time.version>
         <cxf.opensaml.version>2.5.1</cxf.opensaml.version>
         <cxf.opensamlws.version>1.4.2-1</cxf.opensamlws.version>

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java?rev=1330337&r1=1330336&r2=1330337&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
Wed Apr 25 15:20:13 2012
@@ -116,7 +116,14 @@ public class RequestAssertionConsumerSer
     }
     
     protected void validateSamlResponse(org.opensaml.saml2.core.Response samlResponse) {
-        
+        SAMLProtocolResponseValidator protocolValidator = 
+                new SAMLProtocolResponseValidator();
+        // TODO Configure Crypto & CallbackHandler object here to validate signatures
+        try {
+            protocolValidator.validateSamlResponse(samlResponse, null, null);
+        } catch (WSSecurityException ex) {
+            throw new WebApplicationException(400);
+        }
     }
     
     public void setUseDeflateEncoding(boolean deflate) {



Mime
View raw message