Author: coheigea Date: Thu Jan 23 10:56:33 2014 New Revision: 1560629 URL: http://svn.apache.org/r1560629 Log: Merged revisions 1560622 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
........ r1560622 | coheigea | 2014-01-23 10:33:44 +0000 (Thu, 23 Jan 2014) | 10 lines Merged revisions 1560621 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/trunk ........ r1560621 | coheigea | 2014-01-23 10:31:49 +0000 (Thu, 23 Jan 2014) | 2 lines Make sure a BinarySecurityToken was processed by a WSS4J Validator before checking against the IssuedToken policy ........ ........ Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Modified: cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java?rev=1560629&r1=1560628&r2=1560629&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java (original) +++ cxf/branches/2.6.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/IssuedTokenInterceptorProvider.java Thu Jan 23 10:56:33 2014 @@ -569,7 +569,8 @@ public class IssuedTokenInterceptorProvi List<BinarySecurity> results = new ArrayList<BinarySecurity>(); for (WSSecurityEngineResult wser : wsSecEngineResults) { Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION); - if (actInt.intValue() == WSConstants.BST) { + if (actInt.intValue() == WSConstants.BST + && Boolean.TRUE.equals(wser.get(WSSecurityEngineResult.TAG_VALIDATED_TOKEN))) { results.add((BinarySecurity)wser.get(WSSecurityEngineResult.TAG_BINARY_SECURITY_TOKEN)); } }
