Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 6a2b55597 -> c1cc2248a
Make finding the ID of an issued token a bit more robust Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c1cc2248 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c1cc2248 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c1cc2248 Branch: refs/heads/3.0.x-fixes Commit: c1cc2248a3e9c1ec13eb2d432c46fcc23b19f1b0 Parents: 6a2b555 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Apr 29 14:07:21 2015 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Apr 29 14:10:27 2015 +0100 ---------------------------------------------------------------------- .../cxf/ws/security/trust/AbstractSTSClient.java | 17 +++++++++++++---- .../policyhandlers/AbstractBindingBuilder.java | 12 +++++++----- 2 files changed, 20 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c1cc2248/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java index 0e757c6..f7bb885 100755 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java @@ -1616,18 +1616,27 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv && rst.hasAttributeNS(null, "ID")) { id = rst.getAttributeNS(null, "ID"); } - if (id == null) { + if (id == null || "".equals(id)) { id = this.getIDFromSTR(rst); } } - if (id == null && rar != null) { + if ((id == null || "".equals(id)) && rar != null) { id = this.getIDFromSTR(rar); } - if (id == null && rur != null) { + if ((id == null || "".equals(id)) && rur != null) { id = this.getIDFromSTR(rur); } - if (id == null && rst != null) { + if ((id == null || "".equals(id)) && rst != null) { id = rst.getAttributeNS(WSConstants.WSU_NS, "Id"); + if (id == null || "".equals(id)) { + QName elName = DOMUtils.getElementQName(rst); + if (elName.equals(new QName(WSConstants.SAML2_NS, "EncryptedAssertion"))) { + Element child = DOMUtils.getFirstElement(rst); + if (child != null) { + id = child.getAttributeNS(WSConstants.WSU_NS, "Id"); + } + } + } } return id; } http://git-wip-us.apache.org/repos/asf/cxf/blob/c1cc2248/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index ce1f72a..a1825b8 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -636,11 +636,13 @@ public abstract class AbstractBindingBuilder extends AbstractCommonBindingHandle Document doc = token.getToken().getOwnerDocument(); boolean saml1 = WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType); - String id = null; - if (saml1) { - id = token.getToken().getAttributeNS(null, "AssertionID"); - } else { - id = token.getToken().getAttributeNS(null, "ID"); + String id = token.getId(); + if (id == null || "".equals(id)) { + if (saml1) { + id = token.getToken().getAttributeNS(null, "AssertionID"); + } else { + id = token.getToken().getAttributeNS(null, "ID"); + } } SecurityTokenReference secRef = createSTRForSamlAssertion(doc, id, saml1, false);
