cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: CXF-6949 - Add support to the ReceivedTokenCalbackHandler to return a transformed token
Date Tue, 21 Jun 2016 11:08:45 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes ebae41e92 -> 38b0d91cd


CXF-6949 - Add support to the ReceivedTokenCalbackHandler to return a transformed token


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/38b0d91c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/38b0d91c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/38b0d91c

Branch: refs/heads/3.0.x-fixes
Commit: 38b0d91cdcaa8679fc3a921d77ddf313ff854ac7
Parents: ebae41e
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Jun 21 11:17:46 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Jun 21 11:55:42 2016 +0100

----------------------------------------------------------------------
 .../ReceivedTokenCallbackHandler.java           | 22 ++++++++++++++++++++
 1 file changed, 22 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/38b0d91c/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/ReceivedTokenCallbackHandler.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/ReceivedTokenCallbackHandler.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/ReceivedTokenCallbackHandler.java
index 17907ef..8e6ac27 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/ReceivedTokenCallbackHandler.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/delegation/ReceivedTokenCallbackHandler.java
@@ -48,6 +48,8 @@ import org.apache.wss4j.dom.message.token.UsernameToken;
  */
 public class ReceivedTokenCallbackHandler implements CallbackHandler {
     
+    private boolean useTransformedToken = true;
+    
     @SuppressWarnings("unchecked")
     public void handle(Callback[] callbacks)
         throws IOException, UnsupportedCallbackException {
@@ -94,6 +96,13 @@ public class ReceivedTokenCallbackHandler implements CallbackHandler {
         List<WSSecurityEngineResult> wsSecEngineResults
     ) {
         for (WSSecurityEngineResult wser : wsSecEngineResults) {
+            // First check for a transformed token
+            Object transformedToken = wser.get(WSSecurityEngineResult.TAG_TRANSFORMED_TOKEN);
+            if (useTransformedToken && transformedToken instanceof SamlAssertionWrapper)
{
+                return ((SamlAssertionWrapper)transformedToken).getElement();
+            }
+            
+            // Otherwise check the actions
             Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
             if (actInt.intValue() == WSConstants.ST_SIGNED
                 || actInt.intValue() == WSConstants.ST_UNSIGNED) {
@@ -113,5 +122,18 @@ public class ReceivedTokenCallbackHandler implements CallbackHandler
{
         }
         return null;
     }
+
+    public boolean isUseTransformedToken() {
+        return useTransformedToken;
+    }
+
+    /**
+     * Set whether to use the transformed token if it is available from a previous security
result.
+     * It false, it uses the original "received" token instead. The default is "true".
+     * @param useTransformedToken whether to use the transformed token if it is available
+     */
+    public void setUseTransformedToken(boolean useTransformedToken) {
+        this.useTransformedToken = useTransformedToken;
+    }
     
 }


Mime
View raw message