cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel Kulp (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (CXF-3820) SecurityToken class should be serializable
Date Fri, 23 Sep 2011 21:13:26 GMT

     [ https://issues.apache.org/jira/browse/CXF-3820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daniel Kulp resolved CXF-3820.
------------------------------

    Resolution: Fixed
      Assignee: Daniel Kulp


I've applied the patch as it certainly doesn't *break* anything and does allow the security
token to be serialized in some cases.  However, SecurityTokens that provide or require a Crypto
object will not work as that is transient.   TransportBindingHandler.doSignature and AbstractBindingBuilder.handleSupportingTokens
have calls to token.getCrypto() that would then return null.  In both cases, I believe an
NPE would be raised, but that would need to be verified. 

However, outside those two cases, everything certainly looks OK.



> SecurityToken class should be serializable
> ------------------------------------------
>
>                 Key: CXF-3820
>                 URL: https://issues.apache.org/jira/browse/CXF-3820
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>    Affects Versions: 2.4.2
>            Reporter: Anubhav Sharma
>            Assignee: Daniel Kulp
>            Priority: Minor
>             Fix For: 2.4.3
>
>         Attachments: 0047-made-SecurityToken-serializable.patch
>
>
> Class org.apache.cxf.ws.security.tokenstore.SecurityToken should implement serializable.
This will allow users to use this class for presistent cache.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message