I'm not sure on this point, and perhaps just hair-splitting, but when
you have a boolean value whose usage is optional and rarely declared, I
suspect the "true" value should be the non-common setting (the
non-default one), as that makes it more self-documenting and clearer
that you're doing something non-default (and hence, you can just go
ahead and remove the declaration if you want normal functionality).
I.e., instead of "sendRenewing=false" having "hideRenewing=true" might
be better.
Glen
On 06/07/2012 06:32 AM, cohei...@apache.org wrote:
Author: coheigea
Date: Thu Jun 7 10:32:00 2012
New Revision: 1347560
URL: http://svn.apache.org/viewvc?rev=1347560&view=rev
Log:
Adding a "sendRenewing" property to the STSClient
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java?rev=1347560&r1=1347559&r2=1347560&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSClient.java
Thu Jun 7 10:32:00 2012
@@ -165,6 +165,7 @@ public class STSClient implements Config
protected boolean isSpnego;
protected boolean enableLifetime;
protected int ttl = 300;
+ protected boolean sendRenewing = true;
protected boolean allowRenewing = true;
protected boolean allowRenewingAfterExpiry;
@@ -215,6 +216,10 @@ public class STSClient implements Config
this.enableLifetime = enableLifetime;
}
+ public void setSendRenewing(boolean sendRenewing) {
+ this.sendRenewing = sendRenewing;
+ }
+
/**
* Sets the WS-P policy that is applied to communications between this
client and the remote server
* if no value is supplied for {@link #setWsdlLocation(String)}.
@@ -720,14 +725,16 @@ public class STSClient implements Config
}
// Write out renewal semantics
- writer.writeStartElement("wst", "Renewing", namespace);
- if (!allowRenewing) {
- writer.writeAttribute(null, "Allow", "false");
- }
- if (allowRenewing&& allowRenewingAfterExpiry) {
- writer.writeAttribute(null, "OK", "true");
+ if (sendRenewing) {
+ writer.writeStartElement("wst", "Renewing", namespace);
+ if (!allowRenewing) {
+ writer.writeAttribute(null, "Allow", "false");
+ }
+ if (allowRenewing&& allowRenewingAfterExpiry) {
+ writer.writeAttribute(null, "OK", "true");
+ }
+ writer.writeEndElement();
}
- writer.writeEndElement();
writer.writeEndElement();
Modified:
cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java?rev=1347560&r1=1347559&r2=1347560&view=diff
==============================================================================
---
cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
(original)
+++
cxf/trunk/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/renew/SAMLRenewUnitTest.java
Thu Jun 7 10:32:00 2012
@@ -223,10 +223,47 @@ public class SAMLRenewUnitTest extends A
bus.shutdown(true);
}
+ @org.junit.Test
+ public void testRenewDisabled() throws Exception {
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile =
SAMLRenewUnitTest.class.getResource("cxf-client-unit.xml");
+
+ Bus bus = bf.createBus(busFile.toString());
+ SpringBusFactory.setDefaultBus(bus);
+ SpringBusFactory.setThreadDefaultBus(bus);
+
+ String wsdlLocation =
+ "https://localhost:"; + STSPORT +
"/SecurityTokenService/Transport?wsdl";
+
+ // Request the token
+ SecurityToken token =
+ requestSecurityToken(bus, wsdlLocation,
WSConstants.WSS_SAML_TOKEN_TYPE, 300, false, false);
+ assertNotNull(token);
+
+ // Validate the token
+ List<SecurityToken> validatedTokens = validateSecurityToken(bus,
wsdlLocation, token);
+ assertFalse(validatedTokens.isEmpty());
+ assertTrue(validatedTokens.get(0).equals(token));
+
+ // Renew the token
+ SecurityToken renewedToken = renewSecurityToken(bus, wsdlLocation,
token, false);
+ assertFalse(token.equals(renewedToken));
+
+ // Validate the renewed token
+ validateSecurityToken(bus, wsdlLocation, renewedToken);
+
+ bus.shutdown(true);
+ }
private SecurityToken requestSecurityToken(
Bus bus, String wsdlLocation, String tokenType, int ttl, boolean
allowExpired
) throws Exception {
+ return requestSecurityToken(bus, wsdlLocation, tokenType, ttl,
allowExpired, true);
+ }
+
+ private SecurityToken requestSecurityToken(
+ Bus bus, String wsdlLocation, String tokenType, int ttl, boolean
allowExpired, boolean sendRenewing
+ ) throws Exception {
STSClient stsClient = new STSClient(bus);
stsClient.setWsdlLocation(wsdlLocation);
stsClient.setServiceName("{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService";);
@@ -250,6 +287,7 @@ public class SAMLRenewUnitTest extends A
stsClient.setRequiresEntropy(true);
stsClient.setKeySize(128);
stsClient.setAddressingNamespace("http://www.w3.org/2005/08/addressing";);
+ stsClient.setSendRenewing(sendRenewing);
return
stsClient.requestSecurityToken("https://localhost:8081/doubleit/services/doubleittransport";);
}
--
Glen Mazza
Talend Community Coders
coders.talend.com
blog: www.jroller.com/gmazza
