Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8690AEEA6 for ; Thu, 7 Feb 2013 14:34:58 +0000 (UTC) Received: (qmail 29875 invoked by uid 500); 7 Feb 2013 14:34:58 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 29758 invoked by uid 500); 7 Feb 2013 14:34:57 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 29748 invoked by uid 99); 7 Feb 2013 14:34:57 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2013 14:34:57 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2013 14:34:54 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 8141323888E7; Thu, 7 Feb 2013 14:34:34 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1443504 - in /cxf/fediz/trunk/services/idp/src/main: java/org/apache/cxf/fediz/service/idp/STSClientFilter.java webapp/WEB-INF/web.xml Date: Thu, 07 Feb 2013 14:34:34 -0000 To: commits@cxf.apache.org From: coheigea@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130207143434.8141323888E7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: coheigea Date: Thu Feb 7 14:34:34 2013 New Revision: 1443504 URL: http://svn.apache.org/viewvc?rev=1443504&view=rev Log: [FEDIZ-49] - Support using wfresh parameter in the IdP for TTL Modified: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSClientFilter.java cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Modified: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSClientFilter.java URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSClientFilter.java?rev=1443504&r1=1443503&r2=1443504&view=diff ============================================================================== --- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSClientFilter.java (original) +++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/STSClientFilter.java Thu Feb 7 14:34:34 2013 @@ -67,6 +67,8 @@ public class STSClientFilter extends Abs private static final String PARAM_RSTR_CONTENT_TYPE = "sts.rstr.content-type"; private static final String PARAM_STS_ONBEHALFOF_TOKEN_NAME = "sts.onbehalfof.token.name"; + + private static final String PARAM_STS_USE_WFRESH_FOR_TTL = "sts.use.wfresh.for.ttl"; private static final Logger LOG = LoggerFactory.getLogger(STSClientFilter.class); @@ -92,6 +94,7 @@ public class STSClientFilter extends Abs protected String appliesTo; // $wtrealm protected String contentType; //token, rstr protected boolean isPortSet; + protected boolean useWfreshForTTL; protected Bus bus; @@ -186,7 +189,21 @@ public class STSClientFilter extends Abs "Parameter '" + PARAM_RSTR_CONTENT_TYPE + "' not configured"); } - + try { + String wfreshParam = filterConfig.getInitParameter(PARAM_STS_USE_WFRESH_FOR_TTL); + if (wfreshParam != null) { + useWfreshForTTL = Boolean.valueOf(wfreshParam).booleanValue(); + } else if (contentType.equalsIgnoreCase("TOKEN")) { + useWfreshForTTL = true; + } else { + useWfreshForTTL = false; + } + } catch (Exception ex) { + LOG.error("Failed to parse parameter '" + PARAM_STS_USE_WFRESH_FOR_TTL + "': " + ex.toString()); + throw new ServletException( + "Failed to parse parameter '" + PARAM_STS_USE_WFRESH_FOR_TTL + "'"); + } + } @@ -256,6 +273,10 @@ public class STSClientFilter extends Abs sts.setTtl(ttl); } */ + + if (useWfreshForTTL) { + configureTTL(sts, context); + } if (appliesTo.startsWith("$")) { resolvedAppliesTo = (String)context.get(appliesTo.substring(1)); @@ -345,6 +366,21 @@ public class STSClientFilter extends Abs } } + + private void configureTTL(IdpSTSClient sts, AuthContext context) { + String wfresh = (String)context.get(FederationFilter.PARAM_WFRESH); + if (wfresh != null) { + try { + int ttl = Integer.parseInt(wfresh); + if (ttl > 0) { + sts.setTtl(ttl * 60); + sts.setEnableLifetime(true); + } + } catch (NumberFormatException ex) { + LOG.error("Invalid wfresh value '" + wfresh + "': " + ex.getMessage()); + } + } + } private Element createClaimsElement(List realmClaims) throws Exception { Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1443504&r1=1443503&r2=1443504&view=diff ============================================================================== --- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml (original) +++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Thu Feb 7 14:34:34 2013 @@ -109,7 +109,11 @@ sts.rstr.content-type TOKEN - + + + sts.use.wfresh.for.ttl + true + @@ -158,7 +162,7 @@ sts.claims.required true - +