cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: CXF 2.7.11 STS support for AppliesTo w/ wsp:URI
Date Wed, 16 Apr 2014 15:49:49 GMT
That's perfect, thanx!

From:   Colm O hEigeartaigh <>
        ANG-B31, Information Security Branch
To:     "" <>, 
Date:   04/16/2014 11:13 AM
Subject:        Re: CXF 2.7.11 STS support for AppliesTo w/ wsp:URI

Hi Stephen,

I've fixed this issue as part of

For 2.7.x, the extractAddressFromAppliesTo remains static for backwards
compatibility reasons, but with the logic to parse wsp:URIs. On trunk the
method is no longer static to allow the user to replace the functionality
in an easier way.


On Tue, Apr 15, 2014 at 4:21 PM, <> wrote:

> In the STS I am working on, my customer's requirements allow an 
> element to take on either of these forms:
> <wsp:AppliesTo>
>   <wsa:EndpointReference>
>     <wsa:Address>http://some.relevant.address/</wsa:Address>
>   </wsa:EndpointReference>
> </wsp:AppliesTo>
> OR
> <wsp:AppliesTo>
>     <wsp:URI>http://some.relevant.address/</wsp:URI>
> </wsp:AppliesTo>
> AbstractOperation deals with the endpoint reference without a problem, 
> doesn't deal with the URI version at all. Ideally, I'd override
> AbstractOperation.extractAddressFromAppliesTo() to handle it and call it 
> day, but AbstractOperation defines that as a static method so it can't
> really be overridden. So instead, I've overridden
> createTokenProviderParameters to check if an AppliesTo address has been
> parsed, and if not, look for a URI. That works, but there's a drawback -
> when it finds the URI form, it will bypass the check to see if it is in 
> service list as well as some of the subsequent processing. I can 
> it, but that seems a little sub-optimal.
> Is there a better way to go about this?
> * Stephen W. Chappell*
> Engility Holdings, Inc., SSE TAL
> William J. Hughes Technical Center, FAA
> Information Security Team, ANG-B31
> (609) 485-6710

Colm O hEigeartaigh

Talend Community Coder

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message