cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1424879 - in /cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j: ./ policyvalidators/
Date Fri, 21 Dec 2012 11:40:48 GMT
Author: coheigea
Date: Fri Dec 21 11:40:48 2012
New Revision: 1424879

URL: http://svn.apache.org/viewvc?rev=1424879&view=rev
Log:
Merged revisions 1424873 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1424873 | coheigea | 2012-12-21 11:34:18 +0000 (Fri, 21 Dec 2012) | 2 lines

  [CXF-4716] - Make sure to validate all possible policies of a particular type

........

Modified:
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Fri Dec 21 11:40:48 2012
@@ -424,7 +424,6 @@ public class PolicyBasedWSS4JInIntercept
                         ai.setNotAsserted("No " + type 
                                 + " element found matching one of the XPaths " 
                                 + Arrays.toString(xpaths.toArray()));
-                        return false;
                     }
                 }
             }
@@ -459,7 +458,7 @@ public class PolicyBasedWSS4JInIntercept
                         }
                     } catch (WSSecurityException e) {
                         ai.setNotAsserted(msg.getVersion().getBody() + " not " + type);
-                        return false;
+                        continue;
                     }
                 }
                 
@@ -470,7 +469,6 @@ public class PolicyBasedWSS4JInIntercept
                                 CoverageScope.ELEMENT);
                     } catch (WSSecurityException e) {
                         ai.setNotAsserted(h.getQName() + " not + " + type);
-                        return false;
                     }
                 }
             }
@@ -864,7 +862,6 @@ public class PolicyBasedWSS4JInIntercept
                     if (header == null 
                         || DOMUtils.getFirstChildWithName((Element)header, h.getQName())
== null) {
                         ai.setNotAsserted("No header element of name " + h.getQName() + "
found.");
-                        return false;
                     }
                 }
             }
@@ -888,11 +885,9 @@ public class PolicyBasedWSS4JInIntercept
                                                                  XPathConstants.NODESET);
                         if (list.getLength() == 0) {
                             ai.setNotAsserted("No header element matching XPath " + expression
+ " found.");
-                            return false;
                         }
                     } catch (XPathExpressionException e) {
                         ai.setNotAsserted("Invalid XPath expression " + expression + " "
+ e.getMessage());
-                        return false;
                     }
                 }
             }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -69,17 +69,17 @@ public class AsymmetricBindingPolicyVali
 
             // Check the protection order
             if (!checkProtectionOrder(binding, ai, results)) {
-                return false;
+                continue;
             }
             
             // Check various properties of the binding
             if (!checkProperties(binding, ai, aim, results, signedResults, message)) {
-                return false;
+                continue;
             }
             
             // Check various tokens of the binding
             if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults, encryptedResults))
{
-                return false;
+                continue;
             }
         }
         

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class ConcreteSupportingTokenPoli
                     ai.setNotAsserted(
                         "The received token does not match the supporting token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
 

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class EncryptedTokenPolicyValidat
                     ai.setNotAsserted(
                         "The received token does not match the encrypted supporting token
requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -120,7 +120,7 @@ public class EndorsingEncryptedTokenPoli
                         "The received token does not match the endorsing encrypted "
                         + "supporting token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class EndorsingTokenPolicyValidat
                     ai.setNotAsserted(
                         "The received token does not match the endorsing supporting token
requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -76,13 +76,13 @@ public class IssuedTokenPolicyValidator 
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
-                return false;
+                continue;
             }
 
             Element template = issuedToken.getRstTemplate();
             if (template != null && !checkIssuedTokenTemplate(template, assertionWrapper))
{
                 ai.setNotAsserted("Error in validating the IssuedToken policy");
-                return false;
+                continue;
             }
 
             TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
@@ -92,7 +92,7 @@ public class IssuedTokenPolicyValidator 
             }
             if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
                 ai.setNotAsserted("Assertion fails holder-of-key requirements");
-                return false;
+                continue;
             }
         }
         return true;

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -58,7 +58,7 @@ public class KerberosTokenPolicyValidato
                 
                 if (!checkToken(kerberosTokenPolicy, kerberosToken)) {
                     ai.setNotAsserted("An incorrect Kerberos Token Type is detected");
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -78,7 +78,7 @@ public class SamlTokenPolicyValidator ex
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
-                return false;
+                continue;
             }
             
             // All of the received SAML Assertions must conform to the policy
@@ -88,7 +88,7 @@ public class SamlTokenPolicyValidator ex
                 
                 if (!checkVersion(samlToken, assertionWrapper)) {
                     ai.setNotAsserted("Wrong SAML Version");
-                    return false;
+                    continue;
                 }
                 TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
                 Certificate[] tlsCerts = null;
@@ -97,11 +97,11 @@ public class SamlTokenPolicyValidator ex
                 }
                 if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
                     ai.setNotAsserted("Assertion fails holder-of-key requirements");
-                    return false;
+                    continue;
                 }
                 if (!SAMLUtils.checkSenderVouches(assertionWrapper, tlsCerts, body, signed))
{
                     ai.setNotAsserted("Assertion fails sender-vouches requirements");
-                    return false;
+                    continue;
                 }
                 /*
                     if (!checkIssuerName(samlToken, assertionWrapper)) {

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class SecurityContextTokenPolicyV
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
-                return false;
+                continue;
             }
         }
         return true;

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -116,7 +116,7 @@ public class SignedEncryptedTokenPolicyV
                     ai.setNotAsserted(
                         "The received token does not match the signed encrypted supporting
token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -121,7 +121,7 @@ public class SignedEndorsingEncryptedTok
                         "The received token does not match the signed endorsing encrypted
"
                         + "supporting token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class SignedEndorsingTokenPolicyV
                     ai.setNotAsserted(
                         "The received token does not match the signed endorsing supporting
token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class SignedTokenPolicyValidator 
                     ai.setNotAsserted(
                         "The received token does not match the signed supporting token requirement"
                     );
-                    return false;
+                    continue;
                 }
             }
 

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -65,17 +65,17 @@ public class SymmetricBindingPolicyValid
 
             // Check the protection order
             if (!checkProtectionOrder(binding, ai, results)) {
-                return false;
+                continue;
             }
             
             // Check various properties of the binding
             if (!checkProperties(binding, ai, aim, results, signedResults, message)) {
-                return false;
+                continue;
             }
             
             // Check various tokens of the binding
             if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults, encryptedResults))
{
-                return false;
+                continue;
             }
         }
         

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -62,7 +62,7 @@ public class TransportBindingPolicyValid
             TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
             if (!initiator && tlsInfo == null) {
                 ai.setNotAsserted("TLS is not enabled");
-                return false;
+                continue;
             }
             
             // HttpsToken is validated by the HttpsTokenInterceptorProvider
@@ -75,7 +75,7 @@ public class TransportBindingPolicyValid
                 String error = "Received Timestamp does not match the requirements";
                 notAssertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP, error);
                 ai.setNotAsserted(error);
-                return false;
+                continue;
             }
             assertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP);
             
@@ -87,7 +87,7 @@ public class TransportBindingPolicyValid
                 String error = "Layout does not match the requirements";
                 notAssertPolicy(aim, SP12Constants.LAYOUT, error);
                 ai.setNotAsserted(error);
-                return false;
+                continue;
             }
             assertPolicy(aim, SP12Constants.LAYOUT);
         }

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -69,11 +69,11 @@ public class UsernameTokenPolicyValidato
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
-                return false;
+                continue;
             }
 
             if (!checkTokens(usernameTokenPolicy, ai, utResults)) {
-                return false;
+                continue;
             }
         }
         return true;

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class WSS11PolicyValidator implem
                 ai.setNotAsserted(
                     "Signature Confirmation policy validation failed"
                 );
-                return false;
+                continue;
             }
         }
         return true;

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -71,12 +71,12 @@ public class X509TokenPolicyValidator ex
                 ai.setNotAsserted(
                     "The received token does not match the token inclusion requirement"
                 );
-                return false;
+                continue;
             }
 
             if (!checkTokenType(x509TokenPolicy.getTokenVersionAndType(), bstResults)) {
                 ai.setNotAsserted("An incorrect X.509 Token Type is detected");
-                return false;
+                continue;
             }
         }
         return true;



Mime
View raw message