Return-Path: 
 <commits-return-28971-apmail-cxf-commits-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-commits-archive@www.apache.org
Delivered-To: apmail-cxf-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 4B8D110BE9
	for <apmail-cxf-commits-archive@www.apache.org>;
 Wed, 11 Sep 2013 10:52:54 +0000 (UTC)
Received: (qmail 43696 invoked by uid 500); 11 Sep 2013 10:52:53 -0000
Delivered-To: apmail-cxf-commits-archive@cxf.apache.org
Received: (qmail 43584 invoked by uid 500); 11 Sep 2013 10:52:53 -0000
Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cxf.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cxf.apache.org>
List-Post: <mailto:commits@cxf.apache.org>
List-Id: <commits.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list commits@cxf.apache.org
Received: (qmail 43572 invoked by uid 99); 11 Sep 2013 10:52:52 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Sep 2013 10:52:52 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Sep 2013 10:52:49 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id 0A0D623888A6;
	Wed, 11 Sep 2013 10:52:28 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1521793 - in /cxf/fediz/trunk: pom.xml
 services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java
 services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
 services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml
Date: Wed, 11 Sep 2013 10:52:27 -0000
To: commits@cxf.apache.org
From: coheigea@apache.org
X-Mailer: svnmailer-1.0.9
Message-Id: <20130911105228.0A0D623888A6@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: coheigea
Date: Wed Sep 11 10:52:27 2013
New Revision: 1521793

URL: http://svn.apache.org/r1521793
Log:
Upgrading to CXF 2.7.7-SNAPSHOT
 - Adding in FedizSAMLDelegationHandler

Added:
    cxf/fediz/trunk/services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java
Modified:
    cxf/fediz/trunk/pom.xml
    cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
    cxf/fediz/trunk/services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml

Modified: cxf/fediz/trunk/pom.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/pom.xml?rev=1521793&r1=1521792&r2=1521793&view=diff
==============================================================================
--- cxf/fediz/trunk/pom.xml (original)
+++ cxf/fediz/trunk/pom.xml Wed Sep 11 10:52:27 2013
@@ -34,7 +34,7 @@
     <properties>
         <commons.lang.version>3.0.1</commons.lang.version>
         <commons.logging.version>1.1.1</commons.logging.version>
-        <cxf.version>2.7.6</cxf.version>
+        <cxf.version>2.7.7-SNAPSHOT</cxf.version>
         <cxf.build-utils.version>2.5.0</cxf.build-utils.version>
         <ehcache.version>2.5.1</ehcache.version>
         <httpclient.version>4.2.2</httpclient.version>
@@ -48,7 +48,7 @@
         <spring.version>3.1.4.RELEASE</spring.version>
         <spring.security.version>3.1.4.RELEASE</spring.security.version>
         <tomcat.version>7.0.42</tomcat.version>
-        <wss4j.version>1.6.11</wss4j.version>
+        <wss4j.version>1.6.12</wss4j.version>
 
         <tomcat.url>http://localhost:8080/manager/text</tomcat.url>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

Added: cxf/fediz/trunk/services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java?rev=1521793&view=auto
==============================================================================
--- cxf/fediz/trunk/services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java (added)
+++ cxf/fediz/trunk/services/sts/src/main/java/org/apache/cxf/fediz/service/sts/FedizSAMLDelegationHandler.java Wed Sep 11 10:52:27 2013
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.sts;
+
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.cxf.sts.request.ReceivedToken;
+import org.apache.cxf.sts.token.delegation.TokenDelegationParameters;
+import org.apache.cxf.sts.token.delegation.TokenDelegationResponse;
+import org.apache.ws.security.saml.ext.AssertionWrapper;
+
+/**
+ * The SAML TokenDelegationHandler implementation. It disallows ActAs or OnBehalfOf for
+ * all cases apart from the case of a Bearer SAML Token. It differs from the SAMLDelegationHandler
+ * in the STS core, in that it doesn't require that the AppliesTo address match an 
+ * AudienceRestriction address in the token.
+ */
+public class FedizSAMLDelegationHandler 
+    extends org.apache.cxf.sts.token.delegation.SAMLDelegationHandler {
+    
+    @Override
+    public boolean canHandleToken(ReceivedToken delegateTarget) {
+        System.out.println("CANHANDLE");
+        return super.canHandleToken(delegateTarget);
+    }
+    @Override
+    public TokenDelegationResponse isDelegationAllowed(TokenDelegationParameters tokenParameters) { 
+        System.out.println("HERE!");
+        return super.isDelegationAllowed(tokenParameters);
+    }
+    @Override
+    protected List<String> getAudienceRestrictions(AssertionWrapper assertion) {
+        return Collections.emptyList();
+    }
+    
+}
\ No newline at end of file

Modified: cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml?rev=1521793&r1=1521792&r2=1521793&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml (original)
+++ cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-transport.xml Wed Sep 11 10:52:27 2013
@@ -37,6 +37,9 @@
 		<property name="issueOperation" ref="transportIssueDelegate" />
 		<property name="validateOperation" ref="transportValidateDelegate" />
 	</bean>
+	
+	<bean id="samlDelegationHandler" 
+	      class="org.apache.cxf.fediz.service.sts.FedizSAMLDelegationHandler" />
 
 	<bean id="transportIssueDelegate" class="org.apache.cxf.sts.operation.TokenIssueOperation">
 		<property name="tokenProviders" ref="transportTokenProviders" />
@@ -45,6 +48,7 @@
 		<property name="stsProperties" ref="transportSTSProperties" />
 		<property name="claimsManager" ref="claimsManager" />
 		<property name="eventListener" ref="loggerListener" />
+		<property name="delegationHandlers" ref="samlDelegationHandler" />
 	</bean>
 
 	<bean id="transportValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">

Modified: cxf/fediz/trunk/services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml?rev=1521793&r1=1521792&r2=1521793&view=diff
==============================================================================
--- cxf/fediz/trunk/services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml (original)
+++ cxf/fediz/trunk/services/sts/src/realms/webapp/WEB-INF/cxf-transport.xml Wed Sep 11 10:52:27 2013
@@ -29,6 +29,9 @@
 			<cxf:logging />
 		</cxf:features>
 	</cxf:bus>
+	
+	<bean id="samlDelegationHandler" 
+	      class="org.apache.cxf.fediz.service.sts.FedizSAMLDelegationHandler" />
 
 	<bean id="transportSTSProviderBean"
 		class="org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider">
@@ -43,6 +46,7 @@
 		<property name="claimsManager" ref="claimsManager" />
 		<property name="tokenValidators" ref="transportTokenValidators" />
 		<property name="eventListener" ref="loggerListener" />
+		<property name="delegationHandlers" ref="samlDelegationHandler" />
 	</bean>
 
 	<bean id="transportValidateDelegate" class="org.apache.cxf.sts.operation.TokenValidateOperation">