cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Make finding the ID of an issued token a bit more robust
Date Wed, 29 Apr 2015 13:10:34 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 6a2b55597 -> c1cc2248a


Make finding the ID of an issued token a bit more robust


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c1cc2248
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c1cc2248
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c1cc2248

Branch: refs/heads/3.0.x-fixes
Commit: c1cc2248a3e9c1ec13eb2d432c46fcc23b19f1b0
Parents: 6a2b555
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Apr 29 14:07:21 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Apr 29 14:10:27 2015 +0100

----------------------------------------------------------------------
 .../cxf/ws/security/trust/AbstractSTSClient.java   | 17 +++++++++++++----
 .../policyhandlers/AbstractBindingBuilder.java     | 12 +++++++-----
 2 files changed, 20 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c1cc2248/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 0e757c6..f7bb885 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -1616,18 +1616,27 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
                 && rst.hasAttributeNS(null, "ID")) {
                 id = rst.getAttributeNS(null, "ID");
             }
-            if (id == null) {
+            if (id == null || "".equals(id)) {
                 id = this.getIDFromSTR(rst);
             }
         }
-        if (id == null && rar != null) {
+        if ((id == null || "".equals(id)) && rar != null) {
             id = this.getIDFromSTR(rar);
         }
-        if (id == null && rur != null) {
+        if ((id == null || "".equals(id)) && rur != null) {
             id = this.getIDFromSTR(rur);
         }
-        if (id == null && rst != null) {
+        if ((id == null || "".equals(id)) && rst != null) {
             id = rst.getAttributeNS(WSConstants.WSU_NS, "Id");
+            if (id == null || "".equals(id)) {
+                QName elName = DOMUtils.getElementQName(rst);
+                if (elName.equals(new QName(WSConstants.SAML2_NS, "EncryptedAssertion")))
{
+                    Element child = DOMUtils.getFirstElement(rst);
+                    if (child != null) {
+                        id = child.getAttributeNS(WSConstants.WSU_NS, "Id");
+                    }
+                }
+            }
         }
         return id;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/c1cc2248/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index ce1f72a..a1825b8 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -636,11 +636,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                     Document doc = token.getToken().getOwnerDocument();
                     boolean saml1 = WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
                         || WSConstants.SAML_NS.equals(tokenType);
-                    String id = null;
-                    if (saml1) {
-                        id = token.getToken().getAttributeNS(null, "AssertionID");
-                    } else {
-                        id = token.getToken().getAttributeNS(null, "ID");
+                    String id = token.getId();
+                    if (id == null || "".equals(id)) {
+                        if (saml1) {
+                            id = token.getToken().getAttributeNS(null, "AssertionID");
+                        } else {
+                            id = token.getToken().getAttributeNS(null, "ID");
+                        }
                     }
                     SecurityTokenReference secRef = 
                         createSTRForSamlAssertion(doc, id, saml1, false);


Mime
View raw message