cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1339546 - /cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
Date Thu, 17 May 2012 10:51:34 GMT
Author: coheigea
Date: Thu May 17 10:51:34 2012
New Revision: 1339546

URL: http://svn.apache.org/viewvc?rev=1339546&view=rev
Log:
Update to how SAML Tokens are renewed

Modified:
    cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java

Modified: cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java?rev=1339546&r1=1339545&r2=1339546&view=diff
==============================================================================
--- cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
(original)
+++ cxf/trunk/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
Thu May 17 10:51:34 2012
@@ -190,18 +190,19 @@ public class SAMLTokenRenewer implements
             // Validate the Assertion
             validateAssertion(assertion, tokenToRenew, cachedToken, tokenParameters);
             
-            String oldId = createNewId(assertion);
+            AssertionWrapper renewedAssertion = new AssertionWrapper(assertion.getXmlObject());
+            String oldId = createNewId(renewedAssertion);
             // Remove the previous token (now expired) from the cache
             tokenStore.remove(oldId);
             tokenStore.remove(Integer.toString(hash));
             
             // Create new Conditions & sign the Assertion
-            createNewConditions(assertion, tokenParameters);
-            signAssertion(assertion, tokenParameters);
+            createNewConditions(renewedAssertion, tokenParameters);
+            signAssertion(renewedAssertion, tokenParameters);
             
             Document doc = DOMUtils.createDocument();
-            Element token = assertion.toDOM(doc);
-            if (assertion.getSaml1() != null) {
+            Element token = renewedAssertion.toDOM(doc);
+            if (renewedAssertion.getSaml1() != null) {
                 token.setIdAttributeNS(null, "AssertionID", true);
             } else {
                 token.setIdAttributeNS(null, "ID", true);
@@ -210,22 +211,22 @@ public class SAMLTokenRenewer implements
             
             // Cache the token
             storeTokenInCache(
-                tokenStore, assertion, tokenParameters.getPrincipal(), tokenParameters.getRealm()
+                tokenStore, renewedAssertion, tokenParameters.getPrincipal(), tokenParameters.getRealm()
             );
             
             response.setToken(token);
-            response.setTokenId(assertion.getId());
+            response.setTokenId(renewedAssertion.getId());
             
             DateTime validFrom = null;
             DateTime validTill = null;
             long lifetime = 0;
-            if (assertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
-                validFrom = assertion.getSaml2().getConditions().getNotBefore();
-                validTill = assertion.getSaml2().getConditions().getNotOnOrAfter();
+            if (renewedAssertion.getSamlVersion().equals(SAMLVersion.VERSION_20)) {
+                validFrom = renewedAssertion.getSaml2().getConditions().getNotBefore();
+                validTill = renewedAssertion.getSaml2().getConditions().getNotOnOrAfter();
                 lifetime = validTill.getMillis() - validFrom.getMillis();
             } else {
-                validFrom = assertion.getSaml1().getConditions().getNotBefore();
-                validTill = assertion.getSaml1().getConditions().getNotOnOrAfter();
+                validFrom = renewedAssertion.getSaml1().getConditions().getNotBefore();
+                validTill = renewedAssertion.getSaml1().getConditions().getNotOnOrAfter();
                 lifetime = validTill.getMillis() - validFrom.getMillis();
             }
             response.setLifetime(lifetime / 1000);



Mime
View raw message