[2/4] git commit: Fixing problem with IssuedToken policy validation

Thu, 26 Jun 2014 07:29:04 -0700 

Fixing problem with IssuedToken policy validation

Conflicts:
        
rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b3cfe659
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b3cfe659
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b3cfe659

Branch: refs/heads/2.7.x-fixes
Commit: b3cfe6594d7be3ddd0b914e29c5ada240f97fe59
Parents: 0c0e20a
Author: Colm O hEigeartaigh <[email protected]>
Authored: Thu Jun 26 15:01:54 2014 +0100
Committer: Colm O hEigeartaigh <[email protected]>
Committed: Thu Jun 26 15:22:36 2014 +0100

----------------------------------------------------------------------
 .../IssuedTokenInterceptorProvider.java           | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b3cfe659/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
index 9d69d17..2c37826 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java
@@ -544,12 +544,23 @@ public class IssuedTokenInterceptorProvider extends 
AbstractPolicyInterceptorPro
                 if (ais == null) {
                     return;
                 }
+<<<<<<< HEAD
+=======
+                
+                IssuedToken itok = 
(IssuedToken)ais.iterator().next().getAssertion();
+                assertIssuedToken(itok, aim);
+                
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
                 if (!isRequestor(message)) {
                     message.getExchange().remove(SecurityConstants.TOKEN);
                     List<WSHandlerResult> results = 
                         
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
                     if (results != null && results.size() > 0) {
-                        parseHandlerResults(results.get(0), message, aim);
+                        parseHandlerResults(results.get(0), message, ais);
+                    }
+                } else {
+                    for (AssertionInfo ai : ais) {
+                        ai.setAsserted(true);
                     }
                 } else {
                     //client side should be checked on the way out
@@ -563,14 +574,17 @@ public class IssuedTokenInterceptorProvider extends 
AbstractPolicyInterceptorPro
         private void parseHandlerResults(
             WSHandlerResult rResult,
             Message message,
-            AssertionInfoMap aim
+            Collection<AssertionInfo> issuedAis
         ) {
             List<WSSecurityEngineResult> signedResults = 
                 WSS4JUtils.fetchAllActionResults(rResult.getResults(), 
WSConstants.SIGN);
             
             IssuedTokenPolicyValidator issuedValidator = 
                 new IssuedTokenPolicyValidator(signedResults, message);
+<<<<<<< HEAD
             Collection<AssertionInfo> issuedAis = 
aim.get(SP12Constants.ISSUED_TOKEN);
+=======
+>>>>>>> 60bad6d... Fixing problem with IssuedToken policy validation
 
             for (AssertionWrapper assertionWrapper : 
findSamlTokenResults(rResult.getResults())) {
                 boolean valid = issuedValidator.validatePolicy(issuedAis, 
assertionWrapper);

Reply via email to