cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1493129 - /cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
Date Fri, 14 Jun 2013 15:47:47 GMT
Author: coheigea
Date: Fri Jun 14 15:47:46 2013
New Revision: 1493129

URL: http://svn.apache.org/r1493129
Log:
Merged revisions 1493119 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes

........
  r1493119 | coheigea | 2013-06-14 16:31:18 +0100 (Fri, 14 Jun 2013) | 10 lines

  Merged revisions 1493108 via  git cherry-pick from
  https://svn.apache.org/repos/asf/cxf/trunk

  ........
    r1493108 | coheigea | 2013-06-14 16:12:19 +0100 (Fri, 14 Jun 2013) | 2 lines

    [CXF-5056] - EndorsingSupportingTokens with both transport security and message layer
security applied

  ........

........

Modified:
    cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java

Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java?rev=1493129&r1=1493128&r2=1493129&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractSupportingTokenPolicyValidator.java
Fri Jun 14 15:47:46 2013
@@ -468,10 +468,14 @@ public abstract class AbstractSupporting
      * @return true if the endorsed supporting token policy is correct
      */
     private boolean checkEndorsed(List<WSSecurityEngineResult> tokenResults) {
+        boolean endorsingSatisfied = false;
         if (isTLSInUse()) {
-            return checkTimestampIsSigned(tokenResults);
+            endorsingSatisfied = checkTimestampIsSigned(tokenResults);
         }
-        return checkSignatureIsSigned(tokenResults);
+        if (!endorsingSatisfied) {
+            endorsingSatisfied = checkSignatureIsSigned(tokenResults);
+        }
+        return endorsingSatisfied;
     }
     
     



Mime
View raw message