cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf-fediz git commit: [FEDIZ-140] - IDP caches outdated SAML Tokens
Date Tue, 12 Jan 2016 16:03:24 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/1.2.x-fixes 270f25a77 -> 5d18973a1


[FEDIZ-140] - IDP caches outdated SAML Tokens


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/5d18973a
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/5d18973a
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/5d18973a

Branch: refs/heads/1.2.x-fixes
Commit: 5d18973a1f7e474930eda87636217600a776bee2
Parents: 270f25a
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Jan 12 15:48:34 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Jan 12 16:02:07 2016 +0000

----------------------------------------------------------------------
 .../cxf/fediz/service/idp/beans/WfreshParser.java  | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/5d18973a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
index cc2ef2f..3fba1c8 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/WfreshParser.java
@@ -34,13 +34,14 @@ public class WfreshParser {
 
     private static final Logger LOG = LoggerFactory
             .getLogger(WfreshParser.class);
+    private boolean tokenExpirationValidation = true;
 
     public boolean authenticationRequired(String wfresh, String whr, RequestContext context)
         throws Exception {
         
         SecurityToken idpToken = 
             (SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr);
-        if (idpToken.isExpired()) {
+        if (tokenExpirationValidation && idpToken.isExpired()) {
             LOG.info("[IDP_TOKEN=" + idpToken.getId() + "] is expired.");
             return true;
         }
@@ -80,4 +81,18 @@ public class WfreshParser {
         return false;
     }
 
+    public boolean isTokenExpirationValidation() {
+        return tokenExpirationValidation;
+    }
+
+    /**
+     * Set whether the token validation (e.g. lifetime) shall be performed on every request
(true) or only 
+     * once at initial authentication (false). The default is "true" (note that the plugins
default for this
+     * configuration option is "true").
+     * @param tokenExpirationValidation Whether to perform token expiration validation per
request
+     */
+    public void setTokenExpirationValidation(boolean tokenExpirationValidation) {
+        this.tokenExpirationValidation = tokenExpirationValidation;
+    }
+
 }


Mime
View raw message