cxf git commit: Fixing some outbound policy assertions
Repository: cxf Updated Branches: refs/heads/master 9c3ee8bd3 -> 73a1199eb Fixing some outbound policy assertions Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/73a1199e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/73a1199e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/73a1199e Branch: refs/heads/master Commit: 73a1199ebb4203b0463ae91eb761596ae59722e2 Parents: 9c3ee8b Author: Colm O hEigeartaighAuthored: Wed Sep 9 12:53:11 2015 +0100 Committer: Colm O hEigeartaigh Committed: Wed Sep 9 14:44:05 2015 +0100 -- .../policyhandlers/AbstractBindingBuilder.java | 14 +--- .../AbstractCommonBindingHandler.java | 1 + .../AsymmetricBindingHandler.java | 34 ++-- .../policyhandlers/SymmetricBindingHandler.java | 13 4 files changed, 27 insertions(+), 35 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/73a1199e/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index 6cff697..3903e94 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -369,12 +369,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle ai.setNotAsserted(SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST + " requires a timestamp"); } else { addTopDownElement(timestampEl.getElement()); +ai.setAsserted(true); assertPolicy( new QName(binding.getLayout().getName().getNamespaceURI(), SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST)); } } else if (timestampEl != null) { +ai.setAsserted(true); addTopDownElement(timestampEl.getElement()); +} else { +ai.setAsserted(true); } assertPolicy( @@ -1121,18 +1125,20 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle // Store them so that the main Signature doesn't sign them if (parts != null) { suppTokenParts.add(parts); +this.assertPolicy(parts.getName()); } if (elements != null) { suppTokenParts.add(elements); +this.assertPolicy(elements.getName()); } } else { Collection ais = getAllAssertionsByLocalname(SPConstants.SIGNED_PARTS); if (!ais.isEmpty()) { for (AssertionInfo ai : ais) { SignedParts signedParts = (SignedParts)ai.getAssertion(); +ai.setAsserted(true); if (!suppTokenParts.contains(signedParts)) { parts = signedParts; -ai.setAsserted(true); } } } @@ -1141,9 +1147,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle if (!ais.isEmpty()) { for (AssertionInfo ai : ais) { SignedElements signedElements = (SignedElements)ai.getAssertion(); +ai.setAsserted(true); if (!suppTokenParts.contains(signedElements)) { elements = signedElements; -ai.setAsserted(true); } } } @@ -1563,7 +1569,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle tokenTypeSet = true; } -assertPolicy(token); +assertToken(token); if (!tokenTypeSet) { boolean requestor = isRequestor(); @@ -1704,7 +1710,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle sig.setStoreBytesInAttachment(storeBytesInAttachment); checkForX509PkiPath(sig, token); if (token instanceof IssuedToken || token instanceof SamlToken) { -assertPolicy(token); +assertToken(token); SecurityToken securityToken = getSecurityToken(); String tokenType =
[2/2] cxf git commit: Fixing some outbound policy assertions
Fixing some outbound policy assertions Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6f0dec69 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6f0dec69 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6f0dec69 Branch: refs/heads/3.0.x-fixes Commit: 6f0dec6995ac63f25bfb6b5a770501482d737bab Parents: 5130728 Author: Colm O hEigeartaighAuthored: Wed Sep 9 12:53:11 2015 +0100 Committer: Colm O hEigeartaigh Committed: Wed Sep 9 14:44:28 2015 +0100 -- .../policyhandlers/AbstractBindingBuilder.java | 14 +--- .../AbstractCommonBindingHandler.java | 1 + .../AsymmetricBindingHandler.java | 34 ++-- .../policyhandlers/SymmetricBindingHandler.java | 13 4 files changed, 27 insertions(+), 35 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6f0dec69/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index d8ec26a..8ffa513 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -363,12 +363,16 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle ai.setNotAsserted(SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST + " requires a timestamp"); } else { addTopDownElement(timestampEl.getElement()); +ai.setAsserted(true); assertPolicy( new QName(binding.getLayout().getName().getNamespaceURI(), SPConstants.LAYOUT_LAX_TIMESTAMP_FIRST)); } } else if (timestampEl != null) { +ai.setAsserted(true); addTopDownElement(timestampEl.getElement()); +} else { +ai.setAsserted(true); } assertPolicy( @@ -1125,18 +1129,20 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle // Store them so that the main Signature doesn't sign them if (parts != null) { suppTokenParts.add(parts); +this.assertPolicy(parts.getName()); } if (elements != null) { suppTokenParts.add(elements); +this.assertPolicy(elements.getName()); } } else { Collection ais = getAllAssertionsByLocalname(SPConstants.SIGNED_PARTS); if (!ais.isEmpty()) { for (AssertionInfo ai : ais) { SignedParts signedParts = (SignedParts)ai.getAssertion(); +ai.setAsserted(true); if (!suppTokenParts.contains(signedParts)) { parts = signedParts; -ai.setAsserted(true); } } } @@ -1145,9 +1151,9 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle if (!ais.isEmpty()) { for (AssertionInfo ai : ais) { SignedElements signedElements = (SignedElements)ai.getAssertion(); +ai.setAsserted(true); if (!suppTokenParts.contains(signedElements)) { elements = signedElements; -ai.setAsserted(true); } } } @@ -1557,7 +1563,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle tokenTypeSet = true; } -assertPolicy(token); +assertToken(token); if (!tokenTypeSet) { boolean requestor = isRequestor(); @@ -1676,7 +1682,7 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle sig.setStoreBytesInAttachment(storeBytesInAttachment); checkForX509PkiPath(sig, token); if (token instanceof IssuedToken || token instanceof SamlToken) { -assertPolicy(token); +assertToken(token); SecurityToken securityToken = getSecurityToken(); String tokenType = securityToken.getTokenType();