cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: Fixing problem with IssuedToken policy validation
Date Thu, 26 Jun 2014 14:02:08 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 417d93849 -> 60bad6d65


Fixing problem with IssuedToken policy validation


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/60bad6d6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/60bad6d6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/60bad6d6

Branch: refs/heads/master
Commit: 60bad6d65fa8ef8b51f72304430cdbde478dd9f0
Parents: 417d938
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Jun 26 15:01:54 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Jun 26 15:01:54 2014 +0100

----------------------------------------------------------------------
 .../interceptors/IssuedTokenInterceptorProvider.java   | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/60bad6d6/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
index c08a078..7f9fd85 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
@@ -558,9 +558,6 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
                     return;
                 }
                 
-                for (AssertionInfo ai : ais) {
-                    ai.setAsserted(true);
-                }
                 IssuedToken itok = (IssuedToken)ais.iterator().next().getAssertion();
                 assertIssuedToken(itok, aim);
                 
@@ -569,7 +566,11 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
                     List<WSHandlerResult> results = 
                         CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
                     if (results != null && results.size() > 0) {
-                        parseHandlerResults(results.get(0), message, aim);
+                        parseHandlerResults(results.get(0), message, ais);
+                    }
+                } else {
+                    for (AssertionInfo ai : ais) {
+                        ai.setAsserted(true);
                     }
                 }
             }
@@ -578,15 +579,13 @@ public class IssuedTokenInterceptorProvider extends AbstractPolicyInterceptorPro
         private void parseHandlerResults(
             WSHandlerResult rResult,
             Message message,
-            AssertionInfoMap aim
+            Collection<AssertionInfo> issuedAis
         ) {
             List<WSSecurityEngineResult> signedResults = 
                 WSSecurityUtil.fetchAllActionResults(rResult.getResults(), WSConstants.SIGN);
             
             IssuedTokenPolicyValidator issuedValidator = 
                 new IssuedTokenPolicyValidator(signedResults, message);
-            Collection<AssertionInfo> issuedAis = 
-                NegotiationUtils.getAllAssertionsByLocalname(aim, SPConstants.ISSUED_TOKEN);
 
             for (SamlAssertionWrapper assertionWrapper : findSamlTokenResults(rResult.getResults()))
{
                 boolean valid = issuedValidator.validatePolicy(issuedAis, assertionWrapper);


Mime
View raw message