Repository: cxf Updated Branches: refs/heads/master 59b87cad2 -> 7656bb7d8
Some modifications to the previous merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7656bb7d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7656bb7d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7656bb7d Branch: refs/heads/master Commit: 7656bb7d89ccff5d4143f9e5baa3d5418eb89a4a Parents: 1c0dad1 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Oct 7 11:36:31 2015 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Oct 7 11:37:23 2015 +0100 ---------------------------------------------------------------------- .../token/provider/DefaultSubjectProvider.java | 36 ++++++++------------ 1 file changed, 15 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/7656bb7d/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java index 586cb0e..5e8a8ee 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java @@ -30,9 +30,9 @@ import java.util.regex.Pattern; import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.x500.X500Principal; -import org.apache.wss4j.common.principal.UsernameTokenPrincipal; import org.w3c.dom.Document; import org.w3c.dom.Element; + import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.sts.STSConstants; import org.apache.cxf.sts.STSPropertiesMBean; 
@@ -46,6 +46,7 @@ import org.apache.cxf.ws.security.sts.provider.STSException; import org.apache.wss4j.common.crypto.Crypto; import org.apache.wss4j.common.crypto.CryptoType; import org.apache.wss4j.common.ext.WSSecurityException; +import org.apache.wss4j.common.principal.UsernameTokenPrincipal; import org.apache.wss4j.common.saml.bean.KeyInfoBean; import org.apache.wss4j.common.saml.bean.KeyInfoBean.CERT_IDENTIFIER; import org.apache.wss4j.common.saml.bean.SubjectBean; @@ -156,7 +157,8 @@ public class DefaultSubjectProvider implements SubjectProvider { String confirmationMethod = getSubjectConfirmationMethod(tokenType, keyType); String subjectName = principal.getName(); - if (SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(subjectNameIDFormat) + String localSubjectNameIDFormat = subjectNameIDFormat; + if (SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(localSubjectNameIDFormat) && principal instanceof X500Principal) { // Just use the "cn" instead of the entire DN try { 
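Review bot: The new `String localSubjectNameIDFormat = subjectNameIDFormat;` line in the `@@ -156,7 +157,8 @@` hunk has no comment explaining why the field is copied, and a later edit could easily reintroduce an assignment to the field. I would add above it `// Work on a copy: the format derived from this request's principal must not be written back to the provider, which may serve other requests.` Whether a provider instance is actually shared between requests is not visible in this diff, so the comment is worded as a possibility. The enclosing method starts before this hunk and continues past it.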
@@ -168,32 +170,24 @@ public class DefaultSubjectProvider implements SubjectProvider { subjectName = principal.getName(); //Ignore, not X500 compliant thus use the whole string as the value } - } - else { - if (!SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(subjectNameIDFormat)) { - /* Set subjectNameIDFormat correctly based on type of principal + } else if (!SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(localSubjectNameIDFormat)) { + /* Set subjectNameIDFormat correctly based on type of principal unless already set to some value other than unspecified */ - if (principal instanceof UsernameTokenPrincipal) { - subjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_PERSISTENT; - } - else if (principal instanceof X500Principal) { - subjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_X509_SUBJECT_NAME; - } - else if (principal instanceof KerberosPrincipal) { - subjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_KERBEROS; - } - else { - subjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_UNSPECIFIED; - } + if (principal instanceof UsernameTokenPrincipal) { + localSubjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_PERSISTENT; + } else if (principal instanceof X500Principal) { + localSubjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_X509_SUBJECT_NAME; + } else if (principal instanceof KerberosPrincipal) { + localSubjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_KERBEROS; + } else if (localSubjectNameIDFormat == null) { + localSubjectNameIDFormat = SAML2Constants.NAMEID_FORMAT_UNSPECIFIED; } } SubjectBean subjectBean = new SubjectBean(subjectName, subjectNameQualifier, confirmationMethod); LOG.fine("Creating new subject with principal name: " + principal.getName()); - if (subjectNameIDFormat != null && subjectNameIDFormat.length() > 0) { - subjectBean.setSubjectNameIDFormat(subjectNameIDFormat); - } + subjectBean.setSubjectNameIDFormat(localSubjectNameIDFormat); return subjectBean; }
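Review bot: The guard on the new `} else if (!SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(localSubjectNameIDFormat)) {` reads as inverted relative to the comment directly under it. It is true when the format is null or configured to a specific value, so a configured format other than unspecified is replaced by persistent, X509SubjectName or kerberos according to the principal type, while an unspecified format with a non-X500 principal gets no derivation at all. If the comment states the intent, the condition would be `} else if (localSubjectNameIDFormat == null || SAML2Constants.NAMEID_FORMAT_UNSPECIFIED.equals(localSubjectNameIDFormat)) {` with the final branch a plain `else`. Relying parties interpret the NameID value by its Format, so a test per principal type, with and without a configured format, would pin the behaviour. Separately, with the length check removed, an empty configured string now reaches `setSubjectNameIDFormat` when the principal matches none of the `instanceof` branches.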
