svn commit: r826744 - in /cxf/branches/2.2.x-fixes: ./ rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/ rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/

Mon, 19 Oct 2009 11:14:14 -0700 

Author: dkulp
Date: Mon Oct 19 18:13:48 2009
New Revision: 826744

URL: http://svn.apache.org/viewvc?rev=826744&view=rev
Log:
Merged revisions 826715 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r826715 | dkulp | 2009-10-19 12:34:36 -0400 (Mon, 19 Oct 2009) | 2 lines
  
  [CXF-2479, CXF-2480] Fixes for some UsernameToken issues on incoming
  policy validation
........

Modified:
    cxf/branches/2.2.x-fixes/   (props changed)
    
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
    
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
    
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java

Propchange: cxf/branches/2.2.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
URL: 
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java?rev=826744&r1=826743&r2=826744&view=diff
==============================================================================
--- 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
 (original)
+++ 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP11Constants.java
 Mon Oct 19 18:13:48 2009
@@ -20,6 +20,9 @@
 
 import javax.xml.namespace.QName;
 
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.ws.security.policy.SPConstants.IncludeTokenType;
+
 public final class SP11Constants extends SPConstants {
     
     public static final SP11Constants INSTANCE = new SP11Constants();
@@ -279,9 +282,8 @@
             return IncludeTokenType.INCLUDE_TOKEN_NEVER;
         } else if (INCLUDE_ONCE.equals(value)) {
             return IncludeTokenType.INCLUDE_TOKEN_ONCE;
-        } else {
-            return null;
-        }   
+        }
+        return StringUtils.isEmpty(value) ? 
IncludeTokenType.INCLUDE_TOKEN_ALWAYS : null;
     }
     
     public String getAttributeValueFromInclusion(IncludeTokenType value) {

Modified: 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
URL: 
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java?rev=826744&r1=826743&r2=826744&view=diff
==============================================================================
--- 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
 (original)
+++ 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/SP12Constants.java
 Mon Oct 19 18:13:48 2009
@@ -20,6 +20,8 @@
 
 import javax.xml.namespace.QName;
 
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.ws.security.policy.SPConstants.IncludeTokenType;
 import org.apache.cxf.ws.security.policy.SPConstants.Version;
 
 public final class SP12Constants extends SPConstants {
@@ -341,9 +343,8 @@
             return IncludeTokenType.INCLUDE_TOKEN_NEVER;
         } else if (INCLUDE_ONCE.equals(value)) {
             return IncludeTokenType.INCLUDE_TOKEN_ONCE;
-        } else {
-            return null;
         }   
+        return StringUtils.isEmpty(value) ? 
IncludeTokenType.INCLUDE_TOKEN_ALWAYS : null;
     }
     
     public String getAttributeValueFromInclusion(IncludeTokenType value) {

Modified: 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL: 
http://svn.apache.org/viewvc/cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=826744&r1=826743&r2=826744&view=diff
==============================================================================
--- 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
 (original)
+++ 
cxf/branches/2.2.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
 Mon Oct 19 18:13:48 2009
@@ -47,6 +47,7 @@
 import org.apache.cxf.Bus;
 import org.apache.cxf.binding.soap.SoapMessage;
 import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.endpoint.Endpoint;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.helpers.DOMUtils;
@@ -245,6 +246,17 @@
      
         return action;
     }
+    private String checkTransportBinding(AssertionInfoMap aim, 
+                                         String action, 
+                                         SoapMessage message) {
+        if (isRequestor(message) && StringUtils.isEmpty(action)) {
+            //for a TransportBinding, these won't come back in the response
+            assertPolicy(aim, SP12Constants.TRANSPORT_BINDING);
+            assertPolicy(aim, SP12Constants.TRANSPORT_TOKEN);
+            assertPolicy(aim, SP12Constants.SUPPORTING_TOKENS);
+        }
+        return action;
+    }
     private String checkSymetricBinding(AssertionInfoMap aim, 
                                 String action, 
                                 SoapMessage message) {
@@ -444,6 +456,7 @@
             handleWSS11(aim, message);
             action = checkAsymetricBinding(aim, action, message);
             action = checkSymetricBinding(aim, action, message);
+            action = checkTransportBinding(aim, action, message);
             
             //stuff we can default to asserted an un-assert if a condition 
isn't met
             assertPolicy(aim, SP12Constants.KEYVALUE_TOKEN);

Reply via email to