cxf-commits mailing list archives

From cohei...@apache.org
Subject [3/5] cxf git commit: Avoid a bug that a bearer subject conf is not enforced if the subject conf list is not empty
Date Fri, 27 Nov 2015 13:55:28 GMT
Avoid a bug that a bearer subject conf is not enforced if the subject conf list is not empty

Conflicts:
	rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e2e33e88
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e2e33e88
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e2e33e88

Branch: refs/heads/3.0.x-fixes
Commit: e2e33e886411c84b6fe44a9b75baab1448b6b60f
Parents: 97aea16
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Nov 27 12:04:48 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Nov 27 13:06:19 2015 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/saml/SamlOAuthValidator.java | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e2e33e88/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
index 888ddf5..526fea9 100644
--- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
@@ -123,18 +123,26 @@ public class SamlOAuthValidator {
     
     private boolean validateAuthenticationSubject(Message m, 
                                                   Conditions cs,
+<<<<<<< HEAD
                                                   org.opensaml.saml2.core.Subject subject)
{
         if (subject.getSubjectConfirmations() == null) {
             return false;
         }
+=======
+                                                  org.opensaml.saml.saml2.core.Subject subject)
{
+>>>>>>> 6b35529... Avoid a bug that a bearer subject conf is not enforced
if the subject conf list is not empty
         // We need to find a Bearer Subject Confirmation method
-        for (SubjectConfirmation subjectConf : subject.getSubjectConfirmations()) {
-            if (SAML2Constants.CONF_BEARER.equals(subjectConf.getMethod())) {
-                validateSubjectConfirmation(m, cs, subjectConf.getSubjectConfirmationData());
+        boolean bearerSubjectConfFound = false;
+        if (subject.getSubjectConfirmations() != null) {
+            for (SubjectConfirmation subjectConf : subject.getSubjectConfirmations()) {
+                if (SAML2Constants.CONF_BEARER.equals(subjectConf.getMethod())) {
+                    validateSubjectConfirmation(m, cs, subjectConf.getSubjectConfirmationData());
+                    bearerSubjectConfFound = true;
+                }
             }
         }
           
-        return true;
+        return bearerSubjectConfFound;
     }
       
       /**
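Review bot: The added lines `<<<<<<< HEAD`, `=======` and `>>>>>>> 6b35529...` are unresolved merge-conflict markers committed into the signature of validateAuthenticationSubject, so the new side declares the `subject` parameter twice and cannot compile. Until that is resolved, the bearer-enforcement fix in this security validator cannot be built or shipped from this branch. Keep one signature line, presumably the HEAD-side `org.opensaml.saml2.core.Subject subject) {` that this branch already used, and delete the three marker lines, the `org.opensaml.saml.saml2.core.Subject` line, and the now-redundant `== null` early return, which the new `!= null` guard plus `return bearerSubjectConfFound` already covers. Separately, `bearerSubjectConfFound = true` is set right after `validateSubjectConfirmation(...)` without looking at its result; that method's body is outside the hunk, so if it reports failure by return value rather than by throwing, a failed check would still count as a bearer confirmation found.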

