cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <>
Subject [jira] [Resolved] (CXF-3820) SecurityToken class should be serializable
Date Fri, 23 Sep 2011 21:13:26 GMT


Daniel Kulp resolved CXF-3820.

    Resolution: Fixed
      Assignee: Daniel Kulp

I've applied the patch as it certainly doesn't *break* anything and does allow the security
token to be serialized in some cases.  However, SecurityTokens that provide or require a Crypto
object will not work as that is transient.   TransportBindingHandler.doSignature and AbstractBindingBuilder.handleSupportingTokens
have calls to token.getCrypto() that would then return null.  In both cases, I believe an
NPE would be raised, but that would need to be verified. 

However, outside those two cases, everything certainly looks OK.

> SecurityToken class should be serializable
> ------------------------------------------
>                 Key: CXF-3820
>                 URL:
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>    Affects Versions: 2.4.2
>            Reporter: Anubhav Sharma
>            Assignee: Daniel Kulp
>            Priority: Minor
>             Fix For: 2.4.3
>         Attachments: 0047-made-SecurityToken-serializable.patch
> Class should implement serializable.
This will allow users to use this class for presistent cache.

This message is automatically generated by JIRA.
For more information on JIRA, see:


View raw message