cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1333477 - in /cxf/trunk: rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/ rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/ services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/ serv...
Date Thu, 03 May 2012 14:29:13 GMT
Author: coheigea
Date: Thu May  3 14:29:12 2012
New Revision: 1333477

URL: http://svn.apache.org/viewvc?rev=1333477&view=rev
Log:
More cleanup

Modified:
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
    cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/SamlpRequestComponentBuilder.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/canceller/SCTCanceller.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
Thu May  3 14:29:12 2012
@@ -114,11 +114,13 @@ public class SAMLProtocolResponseValidat
     ) throws WSSecurityException {
         // Check the Status Code
         if (samlResponse.getStatus() == null
-            || samlResponse.getStatus().getStatusCode() == null) {
+            || samlResponse.getStatus().getStatusCode() == null
+            || samlResponse.getStatus().getStatusCode().getValue() == null) {
             LOG.fine("Either the SAML Response Status or StatusCode is null");
             throw new WSSecurityException(WSSecurityException.FAILURE, "invalidSAMLsecurity");
         }
-        if (!SAML1_STATUSCODE_SUCCESS.equals(samlResponse.getStatus().getStatusCode().getValue()))
{
+        String statusValue = samlResponse.getStatus().getStatusCode().getValue().getLocalPart();
+        if (!SAML1_STATUSCODE_SUCCESS.equals(statusValue)) {
             LOG.fine(
                 "SAML Status code of " + samlResponse.getStatus().getStatusCode().getValue()
                 + "does not equal " + SAML1_STATUSCODE_SUCCESS

Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/SamlpRequestComponentBuilder.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/SamlpRequestComponentBuilder.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/SamlpRequestComponentBuilder.java
(original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/sso/filter/SamlpRequestComponentBuilder.java
Thu May  3 14:29:12 2012
@@ -41,17 +41,17 @@ import org.opensaml.xml.XMLObjectBuilder
 */
 public final class SamlpRequestComponentBuilder {
     
-    private static SAMLObjectBuilder<AuthnRequest> authnRequestBuilder;
+    private static volatile SAMLObjectBuilder<AuthnRequest> authnRequestBuilder;
     
-    private static SAMLObjectBuilder<Issuer> issuerBuilder;
+    private static volatile SAMLObjectBuilder<Issuer> issuerBuilder;
     
-    private static SAMLObjectBuilder<NameIDPolicy> nameIDBuilder;
+    private static volatile SAMLObjectBuilder<NameIDPolicy> nameIDBuilder;
     
-    private static SAMLObjectBuilder<RequestedAuthnContext> requestedAuthnCtxBuilder;
+    private static volatile SAMLObjectBuilder<RequestedAuthnContext> requestedAuthnCtxBuilder;
     
-    private static SAMLObjectBuilder<AuthnContextClassRef> requestedAuthnCtxClassRefBuilder;
+    private static volatile SAMLObjectBuilder<AuthnContextClassRef> requestedAuthnCtxClassRefBuilder;
     
-    private static XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
+    private static volatile XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();
     
     private SamlpRequestComponentBuilder() {
         

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java (original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/Claim.java Thu
May  3 14:29:12 2012
@@ -35,7 +35,7 @@ public class Claim implements Serializab
     private URI claimType;
     private String issuer;
     private String originalIssuer;
-    private Principal principal;
+    private transient Principal principal;
     private String value;
     private URI namespace = ClaimTypes.URI_BASE;
 

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/request/RequestParser.java
Thu May  3 14:29:12 2012
@@ -116,7 +116,10 @@ public class RequestParser {
                         found = parseKeyRequirements(jaxbElement, keyRequirements, wsContext,
stsProperties);
                     }
                     if (!found) {
-                        LOG.log(Level.WARNING, "Found a JAXB object of unknown type: " +
jaxbElement.getName());
+                        LOG.log(
+                            Level.WARNING, 
+                            "Found a JAXB object of unknown type: " + jaxbElement.getName()
+                        );
                         throw new STSException(
                             "An unknown element was received", STSException.BAD_REQUEST
                         );

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/canceller/SCTCanceller.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/canceller/SCTCanceller.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/canceller/SCTCanceller.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/canceller/SCTCanceller.java
Thu May  3 14:29:12 2012
@@ -78,15 +78,20 @@ public class SCTCanceller implements Tok
         LOG.fine("Trying to cancel a SecurityContextToken");
         TokenCancellerResponse response = new TokenCancellerResponse();
         ReceivedToken cancelTarget = tokenParameters.getToken();
-        cancelTarget.setState(STATE.NONE);
-        response.setToken(cancelTarget);
         
         if (tokenParameters.getTokenStore() == null) {
             LOG.log(Level.FINE, "A cache must be configured to use the SCTCanceller");
             return response;
         }
+        if (cancelTarget == null) {
+            LOG.log(Level.FINE, "Cancel Target is null");
+            return response;
+        }
+        
+        cancelTarget.setState(STATE.NONE);
+        response.setToken(cancelTarget);
         
-        if (cancelTarget != null && cancelTarget.isDOMElement()) {
+        if (cancelTarget.isDOMElement()) {
             try {
                 Element cancelTargetElement = (Element)cancelTarget.getToken();
                 SecurityContextToken sct = new SecurityContextToken(cancelTargetElement);

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultConditionsProvider.java
Thu May  3 14:29:12 2012
@@ -148,14 +148,21 @@ public class DefaultConditionsProvider i
                     XmlSchemaDateFormat fmt = new XmlSchemaDateFormat();
                     Date creationTime = fmt.parse(tokenLifetime.getCreated());
                     Date expirationTime = fmt.parse(tokenLifetime.getExpires());
+                    if (creationTime == null || expirationTime == null) {
+                        LOG.fine("Error in parsing Timestamp Created or Expiration Strings");
+                        throw new STSException(
+                            "Error in parsing Timestamp Created or Expiration Strings",
+                            STSException.INVALID_TIME
+                        );
+                    }
                     
                     // Check to see if the created time is in the future
                     Date validCreation = new Date();
                     long currentTime = validCreation.getTime();
                     if (futureTimeToLive > 0) {
-                        validCreation.setTime(currentTime + futureTimeToLive * 1000);
+                        validCreation.setTime(currentTime + futureTimeToLive * 1000L);
                     }
-                    if (creationTime != null && creationTime.after(validCreation))
{
+                    if (creationTime.after(validCreation)) {
                         LOG.fine("The Created Time is too far in the future");
                         throw new STSException(
                             "The Created Time is too far in the future", STSException.INVALID_TIME

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SymmetricKeyHandler.java
Thu May  3 14:29:12 2012
@@ -90,8 +90,8 @@ public class SymmetricKeyHandler {
             } else if (STSConstants.SYMMETRIC_KEY_TYPE.equals(binarySecret.getBinarySecretType())
                 || binarySecret.getBinarySecretType() == null) {
                 byte[] secretValue = binarySecret.getBinarySecretValue();
-                if ((secretValue.length * 8) < signatureProperties.getMinimumKeySize()
-                    || (secretValue.length * 8) > signatureProperties.getMaximumKeySize())
{
+                if (((long)secretValue.length * 8L) < signatureProperties.getMinimumKeySize()
+                    || ((long)secretValue.length * 8L) > signatureProperties.getMaximumKeySize())
{
                     LOG.log(
                         Level.WARNING, "Received secret of length " + secret.length 
                         + " bits is not accepted" 
@@ -109,8 +109,8 @@ public class SymmetricKeyHandler {
             }
         } else if (clientEntropy.getDecryptedKey() != null) {
             byte[] secretValue = clientEntropy.getDecryptedKey();
-            if ((secretValue.length * 8) < signatureProperties.getMinimumKeySize()
-                || (secretValue.length * 8) > signatureProperties.getMaximumKeySize())
{
+            if (((long)secretValue.length * 8L) < signatureProperties.getMinimumKeySize()
+                || ((long)secretValue.length * 8L) > signatureProperties.getMaximumKeySize())
{
                 LOG.log(
                     Level.WARNING, "Received secret of length " + secret.length 
                     + " bits is not accepted" 

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java?rev=1333477&r1=1333476&r2=1333477&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
Thu May  3 14:29:12 2012
@@ -292,7 +292,9 @@ public class SAMLTokenRenewer implements
         Properties props = token.getProperties();
         if (props == null) {
             LOG.log(Level.WARNING, "Error in getting properties from cached token");
-            throw new STSException("Error in getting properties from cached token", STSException.REQUEST_FAILED);
+            throw new STSException(
+                "Error in getting properties from cached token", STSException.REQUEST_FAILED
+            );
         }
         String isAllowRenewal = (String)props.get(STSConstants.TOKEN_RENEWING_ALLOW);
         String isAllowRenewalAfterExpiry = 



Mime
View raw message