Author: coheigea
Date: Fri Dec 21 11:40:48 2012
New Revision: 1424879
URL: http://svn.apache.org/viewvc?rev=1424879&view=rev
Log:
Merged revisions 1424873 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1424873 | coheigea | 2012-12-21 11:34:18 +0000 (Fri, 21 Dec 2012) | 2 lines
[CXF-4716] - Make sure to validate all possible policies of a particular type
........
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JInInterceptor.java
Fri Dec 21 11:40:48 2012
@@ -424,7 +424,6 @@ public class PolicyBasedWSS4JInIntercept
ai.setNotAsserted("No " + type
+ " element found matching one of the XPaths "
+ Arrays.toString(xpaths.toArray()));
- return false;
}
}
}
@@ -459,7 +458,7 @@ public class PolicyBasedWSS4JInIntercept
}
} catch (WSSecurityException e) {
ai.setNotAsserted(msg.getVersion().getBody() + " not "
+ type);
- return false;
+ continue;
}
}
@@ -470,7 +469,6 @@ public class PolicyBasedWSS4JInIntercept
CoverageScope.ELEMENT);
} catch (WSSecurityException e) {
ai.setNotAsserted(h.getQName() + " not + " + type);
- return false;
}
}
}
@@ -864,7 +862,6 @@ public class PolicyBasedWSS4JInIntercept
if (header == null
|| DOMUtils.getFirstChildWithName((Element)header,
h.getQName()) == null) {
ai.setNotAsserted("No header element of name " +
h.getQName() + " found.");
- return false;
}
}
}
@@ -888,11 +885,9 @@ public class PolicyBasedWSS4JInIntercept
XPathConstants.NODESET);
if (list.getLength() == 0) {
ai.setNotAsserted("No header element matching
XPath " + expression + " found.");
- return false;
}
} catch (XPathExpressionException e) {
ai.setNotAsserted("Invalid XPath expression " +
expression + " " + e.getMessage());
- return false;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -69,17 +69,17 @@ public class AsymmetricBindingPolicyVali
// Check the protection order
if (!checkProtectionOrder(binding, ai, results)) {
- return false;
+ continue;
}
// Check various properties of the binding
if (!checkProperties(binding, ai, aim, results, signedResults,
message)) {
- return false;
+ continue;
}
// Check various tokens of the binding
if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults,
encryptedResults)) {
- return false;
+ continue;
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/ConcreteSupportingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class ConcreteSupportingTokenPoli
ai.setNotAsserted(
"The received token does not match the supporting
token requirement"
);
- return false;
+ continue;
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class EncryptedTokenPolicyValidat
ai.setNotAsserted(
"The received token does not match the encrypted
supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -120,7 +120,7 @@ public class EndorsingEncryptedTokenPoli
"The received token does not match the endorsing
encrypted "
+ "supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/EndorsingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class EndorsingTokenPolicyValidat
ai.setNotAsserted(
"The received token does not match the endorsing
supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/IssuedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -76,13 +76,13 @@ public class IssuedTokenPolicyValidator
ai.setNotAsserted(
"The received token does not match the token inclusion
requirement"
);
- return false;
+ continue;
}
Element template = issuedToken.getRstTemplate();
if (template != null && !checkIssuedTokenTemplate(template,
assertionWrapper)) {
ai.setNotAsserted("Error in validating the IssuedToken
policy");
- return false;
+ continue;
}
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
@@ -92,7 +92,7 @@ public class IssuedTokenPolicyValidator
}
if (!checkHolderOfKey(assertionWrapper, signedResults, tlsCerts)) {
ai.setNotAsserted("Assertion fails holder-of-key
requirements");
- return false;
+ continue;
}
}
return true;
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/KerberosTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -58,7 +58,7 @@ public class KerberosTokenPolicyValidato
if (!checkToken(kerberosTokenPolicy, kerberosToken)) {
ai.setNotAsserted("An incorrect Kerberos Token Type is
detected");
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SamlTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -78,7 +78,7 @@ public class SamlTokenPolicyValidator ex
ai.setNotAsserted(
"The received token does not match the token inclusion
requirement"
);
- return false;
+ continue;
}
// All of the received SAML Assertions must conform to the policy
@@ -88,7 +88,7 @@ public class SamlTokenPolicyValidator ex
if (!checkVersion(samlToken, assertionWrapper)) {
ai.setNotAsserted("Wrong SAML Version");
- return false;
+ continue;
}
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
Certificate[] tlsCerts = null;
@@ -97,11 +97,11 @@ public class SamlTokenPolicyValidator ex
}
if (!checkHolderOfKey(assertionWrapper, signedResults,
tlsCerts)) {
ai.setNotAsserted("Assertion fails holder-of-key
requirements");
- return false;
+ continue;
}
if (!SAMLUtils.checkSenderVouches(assertionWrapper, tlsCerts,
body, signed)) {
ai.setNotAsserted("Assertion fails sender-vouches
requirements");
- return false;
+ continue;
}
/*
if (!checkIssuerName(samlToken, assertionWrapper)) {
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SecurityContextTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class SecurityContextTokenPolicyV
ai.setNotAsserted(
"The received token does not match the token inclusion
requirement"
);
- return false;
+ continue;
}
}
return true;
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -116,7 +116,7 @@ public class SignedEncryptedTokenPolicyV
ai.setNotAsserted(
"The received token does not match the signed
encrypted supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingEncryptedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -121,7 +121,7 @@ public class SignedEndorsingEncryptedTok
"The received token does not match the signed
endorsing encrypted "
+ "supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedEndorsingTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -118,7 +118,7 @@ public class SignedEndorsingTokenPolicyV
ai.setNotAsserted(
"The received token does not match the signed
endorsing supporting token requirement"
);
- return false;
+ continue;
}
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SignedTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -115,7 +115,7 @@ public class SignedTokenPolicyValidator
ai.setNotAsserted(
"The received token does not match the signed
supporting token requirement"
);
- return false;
+ continue;
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/SymmetricBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -65,17 +65,17 @@ public class SymmetricBindingPolicyValid
// Check the protection order
if (!checkProtectionOrder(binding, ai, results)) {
- return false;
+ continue;
}
// Check various properties of the binding
if (!checkProperties(binding, ai, aim, results, signedResults,
message)) {
- return false;
+ continue;
}
// Check various tokens of the binding
if (!checkTokens(binding, ai, aim, hasDerivedKeys, signedResults,
encryptedResults)) {
- return false;
+ continue;
}
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/TransportBindingPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -62,7 +62,7 @@ public class TransportBindingPolicyValid
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
if (!initiator && tlsInfo == null) {
ai.setNotAsserted("TLS is not enabled");
- return false;
+ continue;
}
// HttpsToken is validated by the HttpsTokenInterceptorProvider
@@ -75,7 +75,7 @@ public class TransportBindingPolicyValid
String error = "Received Timestamp does not match the
requirements";
notAssertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP, error);
ai.setNotAsserted(error);
- return false;
+ continue;
}
assertPolicy(aim, SP12Constants.INCLUDE_TIMESTAMP);
@@ -87,7 +87,7 @@ public class TransportBindingPolicyValid
String error = "Layout does not match the requirements";
notAssertPolicy(aim, SP12Constants.LAYOUT, error);
ai.setNotAsserted(error);
- return false;
+ continue;
}
assertPolicy(aim, SP12Constants.LAYOUT);
}
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/UsernameTokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -69,11 +69,11 @@ public class UsernameTokenPolicyValidato
ai.setNotAsserted(
"The received token does not match the token inclusion
requirement"
);
- return false;
+ continue;
}
if (!checkTokens(usernameTokenPolicy, ai, utResults)) {
- return false;
+ continue;
}
}
return true;
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/WSS11PolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -67,7 +67,7 @@ public class WSS11PolicyValidator implem
ai.setNotAsserted(
"Signature Confirmation policy validation failed"
);
- return false;
+ continue;
}
}
return true;
Modified:
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java?rev=1424879&r1=1424878&r2=1424879&view=diff
==============================================================================
---
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
(original)
+++
cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/X509TokenPolicyValidator.java
Fri Dec 21 11:40:48 2012
@@ -71,12 +71,12 @@ public class X509TokenPolicyValidator ex
ai.setNotAsserted(
"The received token does not match the token inclusion
requirement"
);
- return false;
+ continue;
}
if (!checkTokenType(x509TokenPolicy.getTokenVersionAndType(),
bstResults)) {
ai.setNotAsserted("An incorrect X.509 Token Type is detected");
- return false;
+ continue;
}
}
return true;
