cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Making sure XmlSec/Sig/Enc in interceptors do not run on the client side unless the response code is 200
Date Wed, 29 Mar 2017 11:04:39 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 92c181e7e -> c806cc348


Making sure XmlSec/Sig/Enc in interceptors do not run on the client side unless the response
code is 200


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c806cc34
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c806cc34
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c806cc34

Branch: refs/heads/3.0.x-fixes
Commit: c806cc3481964bf5ab2b01a38127d54dbad805c6
Parents: 92c181e
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Mar 29 11:52:01 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Mar 29 12:04:26 2017 +0100

----------------------------------------------------------------------
 .../rs/security/xml/AbstractXmlSecInHandler.java  | 17 +++++++++++++----
 .../cxf/rs/security/xml/XmlSecInInterceptor.java  | 18 +++++++++++++++---
 2 files changed, 28 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c806cc34/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
index 84c8150..23ec06ac 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
@@ -34,6 +34,7 @@ import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.staxutils.StaxUtils;
 import org.apache.cxf.staxutils.W3CDOMStreamReader;
 import org.apache.wss4j.dom.WSSConfig;
@@ -54,11 +55,14 @@ public abstract class AbstractXmlSecInHandler {
     }
     
     protected Document getDocument(Message message) {
-        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
-        if ("GET".equals(method)) {
+        if (isServerGet(message)) {
             return null;
+        } else {
+            Integer responseCode = (Integer)message.get(Message.RESPONSE_CODE);
+            if (responseCode != null && responseCode != 200) {
+                return null;
+            }
         }
-        
         Document doc = null;
         InputStream is = message.getContent(InputStream.class);
         if (is != null) {
@@ -79,13 +83,18 @@ public abstract class AbstractXmlSecInHandler {
         return doc;
     }
     
+    protected boolean isServerGet(Message message) {
+        String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
+        return "GET".equals(method) && !MessageUtils.isRequestor(message);
+    }
+
     protected void throwFault(String error, Exception ex) {
         StringBuilder log = new StringBuilder(error);
         if (ex != null) {
             log = log.append(" - ").append(ex.getMessage());
         }
         LOG.warning(log.toString());
-        Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
+        Response response = JAXRSUtils.toResponseBuilder(400).entity(error).type("text/plain").build();
         throw ExceptionUtils.toBadRequestException(null, response);
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/c806cc34/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
index 44da705..8db3ddf 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
@@ -98,7 +98,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message>
imple
     }
     
     public void handleMessage(Message message) throws Fault {
-        if (isServerGet(message)) {
+        if (!canDocumentBeRead(message)) {
             return;
         }
         prepareMessage(message);
@@ -141,6 +141,18 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message>
imple
         }
     }
 
+    private boolean canDocumentBeRead(Message message) {
+        if (isServerGet(message)) {
+            return false;
+        } else {
+            Integer responseCode = (Integer)message.get(Message.RESPONSE_CODE);
+            if (responseCode != null && responseCode != 200) {
+                return false;
+            }
+        }
+        return true;
+    }
+    
     private boolean isServerGet(Message message) {
         String method = (String)message.get(Message.HTTP_REQUEST_METHOD);
         return "GET".equals(method) && !MessageUtils.isRequestor(message);
@@ -320,7 +332,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message>
imple
     
     protected void throwFault(String error, Exception ex) {
         LOG.warning(error);
-        Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
+        Response response = JAXRSUtils.toResponseBuilder(400).entity(error).type("text/plain").build();
         throw ExceptionUtils.toBadRequestException(null, response);
     }
 
@@ -389,7 +401,7 @@ public class XmlSecInInterceptor extends AbstractPhaseInterceptor<Message>
imple
     public Object aroundReadFrom(ReaderInterceptorContext ctx) throws IOException, WebApplicationException
{
         Message message = ((ReaderInterceptorContextImpl)ctx).getMessage();
 
-        if (isServerGet(message)) {
+        if (!canDocumentBeRead(message)) {
             return ctx.proceed();
         } else {
             prepareMessage(message);


Mime
View raw message