cxf-commits mailing list archives

From cohei...@apache.org
Subject cxf git commit: Make sure a Subject claim exists before setting up the JWT security context
Date Mon, 07 Dec 2015 14:12:48 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 9b155468a -> 8478e96dd


Make sure a Subject claim exists before setting up the JWT security context


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8478e96d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8478e96d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8478e96d

Branch: refs/heads/3.0.x-fixes
Commit: 8478e96dde8a7800cccfb2dc0b2f14e4fe5dba89
Parents: 9b15546
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Dec 7 14:03:21 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Dec 7 14:07:43 2015 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/8478e96d/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
index b1a1966..b69c374 100644
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
+++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
@@ -73,7 +73,8 @@ public class JwtAuthenticationFilter extends AbstractJoseJwtConsumer implements
         
         // The token must be signed/verified with a public key to set up the security context,

         // unless we directly configure otherwise
-        if (isVerifiedWithAPublicKey(jwt) || enableUnsignedJwt) {
+        if (jwt.getClaims().getSubject() != null 
+            && (isVerifiedWithAPublicKey(jwt) || enableUnsignedJwt)) {
             return new JwtTokenSecurityContext(jwt, roleClaim);
         }
         return null;
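
Review bot: The added condition only tests jwt.getClaims().getSubject() != null, so a token whose Subject claim is present but empty still reaches "return new JwtTokenSecurityContext(jwt, roleClaim);". If the intent is that the security context always has a usable principal name, reject an empty string here as well. The two comment lines above the condition still describe only the signature requirement and should also mention that a Subject claim is now required. A token without a Subject now falls through to the same "return null;" as an unverified token, so a log statement for the missing-Subject case would let operators tell the two rejections apart.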

