Author: coheigea Date: Wed Feb 20 11:32:46 2013 New Revision: 1448093 URL: http://svn.apache.org/r1448093 Log: Merged revisions 1448080 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
........ r1448080 | coheigea | 2013-02-20 11:14:09 +0000 (Wed, 20 Feb 2013) | 10 lines Merged revisions 1448077 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/trunk ........ r1448077 | coheigea | 2013-02-20 11:09:16 +0000 (Wed, 20 Feb 2013) | 2 lines [CXF-4841] - STSClient AppliesTo is not working correctly in certain circumstances ........ ........ Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1448093&r1=1448092&r2=1448093&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original) +++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Wed Feb 20 11:32:46 2013 @@ -343,12 +343,10 @@ public class IssuedTokenInterceptorProvi client.setTrust(getTrust10(aim)); client.setTrust(getTrust13(aim)); client.setTemplate(itok.getRstTemplate()); - if (maps == null) { - return client.requestSecurityToken(); - } else { + if (maps != null && maps.getNamespaceURI() != null) { client.setAddressingNamespace(maps.getNamespaceURI()); - return client.requestSecurityToken(appliesTo); } + return client.requestSecurityToken(appliesTo); } private SecurityToken renewToken( Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java?rev=1448093&r1=1448092&r2=1448093&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java (original) +++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java Wed Feb 20 11:32:46 2013 @@ -155,7 +155,7 @@ public abstract class AbstractSTSClient protected Element claims; protected AlgorithmSuite algorithmSuite; protected String namespace = STSUtils.WST_NS_05_12; - protected String addressingNamespace; + protected String addressingNamespace = "http://www.w3.org/2005/08/addressing";; protected Object onBehalfOf; protected boolean enableAppliesTo = true; @@ -974,10 +974,6 @@ public abstract class AbstractSTSClient tokentype = namespace + "/RSTR/Status"; } - if (addressingNamespace == null) { - addressingNamespace = "http://www.w3.org/2005/08/addressing";; - } - Policy validatePolicy = new Policy(); ExactlyOne one = new ExactlyOne(); validatePolicy.addPolicyComponent(one); @@ -1028,10 +1024,6 @@ public abstract class AbstractSTSClient protected STSResponse cancel(SecurityToken token) throws Exception { createClient(); - if (addressingNamespace == null) { - addressingNamespace = "http://www.w3.org/2005/08/addressing";; - } - client.getRequestContext().clear(); client.getRequestContext().putAll(ctx); client.getRequestContext().put(SecurityConstants.TOKEN, token); @@ -1067,13 +1059,19 @@ public abstract class AbstractSTSClient SignedEncryptedParts parts = new SignedEncryptedParts(true); parts.setOptional(true); parts.setBody(true); - parts.addHeader(new Header("To", addressingNamespace)); - parts.addHeader(new Header("From", addressingNamespace)); - parts.addHeader(new Header("FaultTo", addressingNamespace)); - parts.addHeader(new Header("ReplyTo", addressingNamespace)); - parts.addHeader(new Header("Action", addressingNamespace)); - parts.addHeader(new Header("MessageID", addressingNamespace)); - parts.addHeader(new Header("RelatesTo", addressingNamespace)); + + String addrNamespace = addressingNamespace; + if (addrNamespace == null) { + addrNamespace = "http://www.w3.org/2005/08/addressing";; + } + + parts.addHeader(new Header("To", addrNamespace)); + parts.addHeader(new Header("From", addrNamespace)); + parts.addHeader(new Header("FaultTo", addrNamespace)); + parts.addHeader(new Header("ReplyTo", addrNamespace)); + parts.addHeader(new Header("Action", addrNamespace)); + parts.addHeader(new Header("MessageID", addrNamespace)); + parts.addHeader(new Header("RelatesTo", addrNamespace)); all.addPolicyComponent(parts); client.getRequestContext().put(PolicyConstants.POLICY_OVERRIDE, cancelPolicy);
