Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C807410442 for ; Tue, 18 Mar 2014 21:19:22 +0000 (UTC) Received: (qmail 15784 invoked by uid 500); 18 Mar 2014 21:18:32 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 15607 invoked by uid 500); 18 Mar 2014 21:18:12 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 15530 invoked by uid 99); 18 Mar 2014 21:18:08 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Mar 2014 21:18:08 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 867D39832B5; Tue, 18 Mar 2014 21:18:08 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: owulff@apache.org To: commits@cxf.apache.org Date: Tue, 18 Mar 2014 21:18:09 -0000 Message-Id: <27ad4985d78a4148959dcef0ae9d3454@git.apache.org> In-Reply-To: <355f701d9ae34d55bdd006b4fec540ef@git.apache.org> References: <355f701d9ae34d55bdd006b4fec540ef@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/3] git commit: Support caching option for trusted Idp tokens Support caching option for trusted Idp tokens Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f5ea1923 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f5ea1923 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f5ea1923 Branch: refs/heads/master Commit: f5ea192342247a152f6013b65f377d307bd13f1d Parents: 00a61f4 Author: Oliver Wulff Authored: Tue Mar 18 22:09:24 2014 +0100 Committer: Oliver Wulff Committed: Tue Mar 18 22:09:24 2014 +0100 ---------------------------------------------------------------------- .../service/idp/beans/STSClientAction.java | 23 +++++++---------- .../idp/service/jpa/ConfigServiceJPA.java | 4 +-- .../WEB-INF/federation-signin-request.xml | 13 +++++++--- .../WEB-INF/federation-signin-response.xml | 27 +++++++------------- .../WEB-INF/federation-validate-request.xml | 4 +++ 5 files changed, 34 insertions(+), 37 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f5ea1923/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java ---------------------------------------------------------------------- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java index b645dc7..2a03cb3 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java @@ -293,22 +293,17 @@ public class STSClientAction { private SecurityToken getSecurityToken(RequestContext context) throws ProcessingException { String whr = (String) WebUtils. getAttributeFromFlowScope(context, FederationConstants.PARAM_HOME_REALM); - SecurityToken idpToken = null; - if (whr != null) { - idpToken = (SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr); - if (idpToken != null) { - if (LOG.isDebugEnabled()) { - LOG.debug("[IDP_TOKEN=" - + idpToken.getId() - + "] successfully retrieved from cache for home realm [" - + whr + "]"); - } - } else { - LOG.error("IDP_TOKEN not found"); - throw new ProcessingException(TYPE.BAD_REQUEST); + + SecurityToken idpToken = (SecurityToken) WebUtils.getAttributeFromFlowScope(context, "idpToken"); + if (idpToken != null) { + if (LOG.isDebugEnabled()) { + LOG.debug("[IDP_TOKEN=" + + idpToken.getId() + + "] successfully retrieved from cache for home realm [" + + whr + "]"); } } else { - LOG.error("Home realm not found"); + LOG.error("IDP_TOKEN not found"); throw new ProcessingException(TYPE.BAD_REQUEST); } return idpToken; http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f5ea1923/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/ConfigServiceJPA.java ---------------------------------------------------------------------- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/ConfigServiceJPA.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/ConfigServiceJPA.java index 2b481ff..fe1fac7 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/ConfigServiceJPA.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/service/jpa/ConfigServiceJPA.java @@ -39,7 +39,7 @@ import org.springframework.security.core.context.SecurityContextHolder; public class ConfigServiceJPA implements ConfigService { - private static final Logger LOG = LoggerFactory.getLogger(TrustedIdpDAOJPAImpl.class); + private static final Logger LOG = LoggerFactory.getLogger(ConfigServiceJPA.class); IdpService idpService; @@ -62,7 +62,7 @@ public class ConfigServiceJPA implements ConfigService { } } finally { SecurityContextHolder.getContext().setAuthentication(currentAuthentication); - LOG.error("Old Spring security context restored"); + LOG.info("Old Spring security context restored"); } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f5ea1923/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml b/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml index ca28ee3..48d876d 100644 --- a/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml +++ b/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml @@ -115,7 +115,9 @@ - + + + @@ -143,7 +145,9 @@ - + + + @@ -157,7 +161,9 @@ - + + + @@ -166,6 +172,7 @@ + http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f5ea1923/services/idp/src/main/webapp/WEB-INF/federation-signin-response.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/webapp/WEB-INF/federation-signin-response.xml b/services/idp/src/main/webapp/WEB-INF/federation-signin-response.xml index ffee75e..3feef6e 100644 --- a/services/idp/src/main/webapp/WEB-INF/federation-signin-response.xml +++ b/services/idp/src/main/webapp/WEB-INF/federation-signin-response.xml @@ -34,33 +34,23 @@ - - - - - + + + + value="flowScope.idpToken" /> - - + @@ -68,6 +58,7 @@ + http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f5ea1923/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml ---------------------------------------------------------------------- diff --git a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml index f517a81..6f7d232 100644 --- a/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml +++ b/services/idp/src/main/webapp/WEB-INF/federation-validate-request.xml @@ -73,10 +73,12 @@ + + @@ -100,12 +102,14 @@ + +