cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1448077 - in /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security: policy/interceptors/IssuedTokenInterceptorProvider.java trust/AbstractSTSClient.java
Date Wed, 20 Feb 2013 11:09:16 GMT
Author: coheigea
Date: Wed Feb 20 11:09:16 2013
New Revision: 1448077

URL: http://svn.apache.org/r1448077
Log:
[CXF-4841] - STSClient AppliesTo is not working correctly in certain circumstances

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1448077&r1=1448076&r2=1448077&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
Wed Feb 20 11:09:16 2013
@@ -343,12 +343,10 @@ public class IssuedTokenInterceptorProvi
             client.setTrust(getTrust10(aim));
             client.setTrust(getTrust13(aim));
             client.setTemplate(itok.getRstTemplate());
-            if (maps == null) {
-                return client.requestSecurityToken();
-            } else {
+            if (maps != null && maps.getNamespaceURI() != null) {
                 client.setAddressingNamespace(maps.getNamespaceURI());
-                return client.requestSecurityToken(appliesTo);
             }
+            return client.requestSecurityToken(appliesTo);
         }
         
         private SecurityToken renewToken(

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java?rev=1448077&r1=1448076&r2=1448077&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
Wed Feb 20 11:09:16 2013
@@ -157,7 +157,7 @@ public abstract class AbstractSTSClient 
     protected CallbackHandler claimsCallbackHandler;
     protected AlgorithmSuite algorithmSuite;
     protected String namespace = STSUtils.WST_NS_05_12;
-    protected String addressingNamespace;
+    protected String addressingNamespace = "http://www.w3.org/2005/08/addressing";
     protected Object onBehalfOf;
     protected boolean enableAppliesTo = true;
 
@@ -976,10 +976,6 @@ public abstract class AbstractSTSClient 
             tokentype = namespace + "/RSTR/Status";
         }
 
-        if (addressingNamespace == null) {
-            addressingNamespace = "http://www.w3.org/2005/08/addressing";
-        }
-
         Policy validatePolicy = new Policy();
         ExactlyOne one = new ExactlyOne();
         validatePolicy.addPolicyComponent(one);
@@ -1030,10 +1026,6 @@ public abstract class AbstractSTSClient 
     protected STSResponse cancel(SecurityToken token) throws Exception {
         createClient();
 
-        if (addressingNamespace == null) {
-            addressingNamespace = "http://www.w3.org/2005/08/addressing";
-        }
-
         client.getRequestContext().clear();
         client.getRequestContext().putAll(ctx);
         client.getRequestContext().put(SecurityConstants.TOKEN, token);
@@ -1069,13 +1061,19 @@ public abstract class AbstractSTSClient 
             SignedEncryptedParts parts = new SignedEncryptedParts(true);
             parts.setOptional(true);
             parts.setBody(true);
-            parts.addHeader(new Header("To", addressingNamespace));
-            parts.addHeader(new Header("From", addressingNamespace));
-            parts.addHeader(new Header("FaultTo", addressingNamespace));
-            parts.addHeader(new Header("ReplyTo", addressingNamespace));
-            parts.addHeader(new Header("Action", addressingNamespace));
-            parts.addHeader(new Header("MessageID", addressingNamespace));
-            parts.addHeader(new Header("RelatesTo", addressingNamespace));
+            
+            String addrNamespace = addressingNamespace;
+            if (addrNamespace == null) {
+                addrNamespace = "http://www.w3.org/2005/08/addressing";
+            }
+            
+            parts.addHeader(new Header("To", addrNamespace));
+            parts.addHeader(new Header("From", addrNamespace));
+            parts.addHeader(new Header("FaultTo", addrNamespace));
+            parts.addHeader(new Header("ReplyTo", addrNamespace));
+            parts.addHeader(new Header("Action", addrNamespace));
+            parts.addHeader(new Header("MessageID", addrNamespace));
+            parts.addHeader(new Header("RelatesTo", addrNamespace));
             all.addPolicyComponent(parts);
             
             client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy);



Mime
View raw message