cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [12/36] cxf git commit: [CXF-6883] - Crypto caching issues in the WS-Security code
Date Sun, 01 May 2016 19:36:28 GMT
[CXF-6883] - Crypto caching issues in the WS-Security code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4bce078f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4bce078f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4bce078f

Branch: refs/heads/master-jaxrs-2.1
Commit: 4bce078fa98db0a64acf8017196fbcc7eadaa3a1
Parents: 64b8dbc
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Apr 26 14:20:31 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Apr 26 14:21:32 2016 +0100

----------------------------------------------------------------------
 .../wss4j/policyhandlers/AbstractBindingBuilder.java         | 8 +++++++-
 .../wss4j/policyhandlers/SymmetricBindingHandler.java        | 1 -
 2 files changed, 7 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4bce078f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 27254df..335f1ef 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -309,6 +309,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             Map<Object, Crypto> o = 
                 CastUtils.cast((Map<?, ?>)message.getContextualProperty(CRYPTO_CACHE));
             if (o == null) {
+                o = CastUtils.cast((Map<?, ?>)info.getProperty(CRYPTO_CACHE));
+            }
+            if (o == null) {
                 o = new ConcurrentHashMap<>();
                 info.setProperty(CRYPTO_CACHE, o);
             }
@@ -1507,6 +1510,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
                 crypto.verifyTrust(certs, enableRevocation, null);
             }
         }
+        if (crypto != null) {
+            this.message.getExchange().put(SecurityConstants.ENCRYPT_CRYPTO, crypto);
+        }
         return crypto;
 
     }
@@ -1777,7 +1783,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle
             crypto = getEncryptionCrypto();
         }
         
-        if (!endorse) {
+        if (!encryptCrypto) {
             message.getExchange().put(SecurityConstants.SIGNATURE_CRYPTO, crypto);
         }
         String user = (String)SecurityUtils.getSecurityPropertyValue(userNameKey, message);

http://git-wip-us.apache.org/repos/asf/cxf/blob/4bce078f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
index 46e5301..b785898 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
@@ -545,7 +545,6 @@ public class SymmetricBindingHandler extends AbstractBindingBuilder {
                     encr.setEphemeralKey(encrTok.getSecret());
                     Crypto crypto = getEncryptionCrypto();
                     if (crypto != null) {
-                        this.message.getExchange().put(SecurityConstants.ENCRYPT_CRYPTO,
crypto);
                         setEncryptionUser(encr, encrToken, false, crypto);
                     }
                     


Mime
View raw message