Repository: cxf Updated Branches: refs/heads/2.7.x-fixes bee6fdb5d -> f1db0d745
Make finding the ID of an issued token a bit more robust Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f1db0d74 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f1db0d74 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f1db0d74 Branch: refs/heads/2.7.x-fixes Commit: f1db0d7452f3a554c964bea9fe6b8623baeb9d5b Parents: bee6fdb Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Apr 29 14:07:21 2015 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Apr 29 14:29:32 2015 +0100 ---------------------------------------------------------------------- .../cxf/ws/security/trust/AbstractSTSClient.java | 17 +++++++++++++---- .../policyhandlers/AbstractBindingBuilder.java | 12 +++++++----- 2 files changed, 20 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/f1db0d74/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java index 6c42d61..daee150 100755 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java @@ -1568,18 +1568,27 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv && rst.hasAttributeNS(null, "ID")) { id = rst.getAttributeNS(null, "ID"); } - if (id == null) { + if (id == null || "".equals(id)) { id = this.getIDFromSTR(rst); } } - if (id == null && rar != null) { + if ((id == null || "".equals(id)) && rar != null) { id = this.getIDFromSTR(rar); } - if (id == null && rur != null) { + if ((id == null || "".equals(id)) && rur != null) { id = this.getIDFromSTR(rur); } - if (id == null && rst != null) { + if ((id == null || "".equals(id)) && rst != null) { id = rst.getAttributeNS(WSConstants.WSU_NS, "Id"); + if (id == null || "".equals(id)) { + QName elName = DOMUtils.getElementQName(rst); + if (elName.equals(new QName(WSConstants.SAML2_NS, "EncryptedAssertion"))) { + Element child = DOMUtils.getFirstElement(rst); + if (child != null) { + id = child.getAttributeNS(WSConstants.WSU_NS, "Id"); + } + } + } } return id; } http://git-wip-us.apache.org/repos/asf/cxf/blob/f1db0d74/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java index b76c853..be4b6ed 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java @@ -700,11 +700,13 @@ public abstract class AbstractBindingBuilder { Document doc = token.getToken().getOwnerDocument(); boolean saml1 = WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType); - String id = null; - if (saml1) { - id = token.getToken().getAttributeNS(null, "AssertionID"); - } else { - id = token.getToken().getAttributeNS(null, "ID"); + String id = token.getId(); + if (id == null || "".equals(id)) { + if (saml1) { + id = token.getToken().getAttributeNS(null, "AssertionID"); + } else { + id = token.getToken().getAttributeNS(null, "ID"); + } } SecurityTokenReference secRef = createSTRForSamlAssertion(doc, id, saml1, false);
