cxf-commits mailing list archives

From cohei...@apache.org
Subject svn commit: r1437413 - in /cxf/fediz/branches/1.0.x-fixes: ./ services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
Date Wed, 23 Jan 2013 14:41:26 GMT
Author: coheigea
Date: Wed Jan 23 14:41:25 2013
New Revision: 1437413

URL: http://svn.apache.org/viewvc?rev=1437413&view=rev
Log:
[FEDIZ-48] - Support wfresh properly in the IdP

Modified:
    cxf/fediz/branches/1.0.x-fixes/   (props changed)
    cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java

Propchange: cxf/fediz/branches/1.0.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/fediz/trunk:r1437358

Modified: cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
URL: http://svn.apache.org/viewvc/cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java?rev=1437413&r1=1437412&r2=1437413&view=diff
==============================================================================
--- cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
(original)
+++ cxf/fediz/branches/1.0.x-fixes/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/IdpServlet.java
Wed Jan 23 14:41:25 2013
@@ -261,7 +261,7 @@ public class IdpServlet extends HttpServ
                         }
                         
                         try {
-                            idpToken = requestSecurityTokenForIDP(username, password, "urn:fediz:idp");
+                            idpToken = requestSecurityTokenForIDP(username, password, "urn:fediz:idp",
wfresh);
                             session = request.getSession(true);
                             session.setAttribute(IDP_TOKEN, idpToken);
                             session.setAttribute(IDP_USER, username);
@@ -290,7 +290,7 @@ public class IdpServlet extends HttpServ
             }
 
             try {
-                wresult = requestSecurityTokenForRP(idpToken, wtrealm);
+                wresult = requestSecurityTokenForRP(idpToken, wtrealm, wfresh);
                 request.setAttribute("fed." + PARAM_WRESULT,
                                      StringEscapeUtils.escapeXml(wresult));
                 if (wctx != null) {
@@ -322,7 +322,9 @@ public class IdpServlet extends HttpServ
         }
     }
     
-    private SecurityToken requestSecurityTokenForIDP(String username, String password, String
appliesTo) throws Exception {
+    private SecurityToken requestSecurityTokenForIDP(
+        String username, String password, String appliesTo, String wfresh
+    ) throws Exception {
         Bus cxfBus = getBus();
         
         IdpSTSClient sts = new IdpSTSClient(cxfBus);
@@ -348,13 +350,16 @@ public class IdpServlet extends HttpServ
             sts.setEnableLifetime(true);
             int ttl = Integer.parseInt(getInitParameter(S_PARAM_TOKEN_INTERNAL_LIFETIME));
             sts.setTtl(ttl);
+        } else {
+            // Set TTL on the request
+            configureTTL(sts, wfresh);
         }
         
         return sts.requestSecurityToken(appliesTo);
     }
 
     private String requestSecurityTokenForRP(SecurityToken onbehalfof,
-                                        String appliesTo) throws Exception {
+                                        String appliesTo, String wfresh) throws Exception
{
         try {
             Bus cxfBus = getBus();
             List<String> realmClaims = null;
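Review bot: The comment `// Set TTL on the request` on the new else branch in requestSecurityTokenForIDP does not record which setting wins. wfresh is consulted only when the preceding branch, which applies S_PARAM_TOKEN_INTERNAL_LIFETIME and whose condition lies outside the hunk, is not taken. In that case the lifetime of the IdP's own token, which the first hunk stores in the session under IDP_TOKEN, is derived from the caller-provided wfresh. If that matches the condition, a comment such as `// No internal lifetime configured: derive the IdP token TTL from wfresh (minutes); a configured lifetime takes precedence` would make this explicit. requestSecurityTokenForIDP starts before this hunk and requestSecurityTokenForRP continues past it.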
@@ -393,6 +398,9 @@ public class IdpServlet extends HttpServ
                                            getInitParameter(S_PARAM_STS_RP_WSDL_ENDPOINT)));
             
             sts.setOnBehalfOf(onbehalfof.getToken());
+            
+            // Set TTL on the request
+            configureTTL(sts, wfresh);
 
             Element claims = createClaimsElement(realmClaims);
             if (claims != null) {
@@ -440,6 +448,20 @@ public class IdpServlet extends HttpServ
         return writer.getDocument().getDocumentElement();
     }
     
+    private void configureTTL(IdpSTSClient sts, String wfresh) {
+        if (wfresh != null) {
+            try {
+                int ttl = Integer.parseInt(wfresh);
+                if (ttl > 0) {
+                    sts.setTtl(ttl * 60);                    
+                    sts.setEnableLifetime(true);
+                }
+            } catch (NumberFormatException ex) {
+                LOG.error("Invalid wfresh value '" + wfresh + "': "  + ex.getMessage());
+            }
+        }
+    }
+    
     private synchronized void setSTSWsdlUrl(String wsdlUrl) {
         this.stsWsdlUrl = wsdlUrl;
         this.isPortSet = true;
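Review bot: `sts.setTtl(ttl * 60)` in configureTTL multiplies an unbounded parsed value in int arithmetic, so a wfresh above 35791394 wraps around and setTtl receives a negative or otherwise wrong lifetime, while any smaller positive value is accepted with no ceiling. wfresh appears to be requestor-supplied (its origin is outside the hunks shown), and both call sites, the else branch added in requestSecurityTokenForIDP and the call added in requestSecurityTokenForRP, pass it straight through, so a requestor can ask for token lifetimes far beyond what the deployment intends. Bound the value before multiplying, e.g. `if (ttl > 0 && ttl <= maxWfreshMinutes) {`, where `maxWfreshMinutes` is a placeholder for a deployment-configured limit that is not in this file. Also decide explicitly what a zero or rejected value should do rather than silently keeping the default. The `LOG.error` call concatenates the raw wfresh string as well; strip CR/LF from it before logging so a crafted value cannot forge log lines.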


