Does your service.UTValidator extend the STSTokenValidator? If so you can
use something like the following to clear the cache - it requires the
hashcode of the UsernameToken:
private void blah(Message message, int usernameTokenHash) {
EndpointInfo info =
message.getExchange().get(Endpoint.class).getEndpointInfo();
synchronized (info) {
TokenStore tokenStore =
(TokenStore)message.getContextualProperty(SecurityConstants.TOKEN_STORE_CACHE_INSTANCE);
if (tokenStore != null) {
SecurityToken token =
tokenStore.getToken(Integer.toString(usernameTokenHash));
if (token != null) {
tokenStore.remove(Integer.toString(usernameTokenHash));
if (token.getTransformedTokenIdentifier() != null) {
tokenStore.remove(token.getTransformedTokenIdentifier());
}
}
}
}
}
Colm.
On Fri, Aug 1, 2014 at 4:16 PM, patch_78 <[email protected]> wrote:
> More information, when the WSP receives the client request, it dispatches
> the
> token in the client request for validation to the STS and get a saml2 token
> in return.
>
> Patcharee
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/clear-saml2-token-stored-in-wsp-tp5747218p5747230.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
