cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/3] git commit: Only store principal if the token is signed
Date Fri, 26 Sep 2014 12:34:21 GMT
Only store principal if the token is signed


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e19c52fe
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e19c52fe
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e19c52fe

Branch: refs/heads/3.0.x-fixes
Commit: e19c52fee804cbfcb2eb84fd3e163e5c73da951e
Parents: ebf3e0a
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Sep 26 12:36:17 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Sep 26 13:34:10 2014 +0100

----------------------------------------------------------------------
 .../ws/security/wss4j/SamlTokenInterceptor.java    | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e19c52fe/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
index 1adf942..3fab203 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/SamlTokenInterceptor.java
@@ -144,15 +144,16 @@ public class SamlTokenInterceptor extends AbstractTokenInterceptor {
                             }
                         }
                         
-                        Principal principal = 
-                            (Principal)samlResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
-                        message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, principal);    
              
-                        
-                        SecurityContext sc = message.get(SecurityContext.class);
-                        if (sc == null || sc.getUserPrincipal() == null) {
-                            message.put(SecurityContext.class, new DefaultSecurityContext(principal,
null));
+                        if (signed) {
+                            Principal principal = 
+                                (Principal)samlResults.get(0).get(WSSecurityEngineResult.TAG_PRINCIPAL);
+                            message.put(WSS4JInInterceptor.PRINCIPAL_RESULT, principal);
                  
+                            
+                            SecurityContext sc = message.get(SecurityContext.class);
+                            if (sc == null || sc.getUserPrincipal() == null) {
+                                message.put(SecurityContext.class, new DefaultSecurityContext(principal,
null));
+                            }
                         }
-
                     }
                 } catch (WSSecurityException ex) {
                     throw new Fault(ex);


Mime
View raw message