This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch 3.5.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git
commit e7f7b2154ed9f5668a62a7e99f862ca1aef7cd43 Author: Oliver Wulff <[email protected]> AuthorDate: Thu Feb 3 12:14:24 2022 +0100 [CXF-8648] Make ClaimsAuthorizingInterceptor configurable in ClaimsAuthorizingFilter (#899) (cherry picked from commit c76c75b412bff06cee025f472bc2d813f37cb63f) --- .../apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java | 13 +++++++++++-- .../systest/jaxrs/security/jose/jwt/authn-authz-server.xml | 8 ++++++-- .../apache/cxf/systest/jaxrs/security/saml/secureServer.xml | 5 ++++- 3 files changed, 21 insertions(+), 5 deletions(-) diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java index b19d269..c7a64ec 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ClaimsAuthorizingFilter.java @@ -33,7 +33,15 @@ import org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingIntercepto public class ClaimsAuthorizingFilter implements ContainerRequestFilter { - private ClaimsAuthorizingInterceptor interceptor = new ClaimsAuthorizingInterceptor(); + private ClaimsAuthorizingInterceptor interceptor; + + public ClaimsAuthorizingFilter() { + this.interceptor = new ClaimsAuthorizingInterceptor(); + } + + public ClaimsAuthorizingFilter(ClaimsAuthorizingInterceptor interceptor) { + this.interceptor = interceptor; + } @Override public void filter(ContainerRequestContext context) { @@ -45,13 +53,14 @@ public class ClaimsAuthorizingFilter implements ContainerRequestFilter { } } + @Deprecated() public void setClaims(Map<String, List<ClaimBean>> claimsMap) { interceptor.setClaims(claimsMap); } + @Deprecated() public void setSecuredObject(Object securedObject) { interceptor.setSecuredObject(securedObject); } - } diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml index c12840c..40df2ad 100644 --- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/jose/jwt/authn-authz-server.xml @@ -77,10 +77,14 @@ under the License. </map> </property> </bean> - - <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter"> + + <bean id="claimsInterceptor" class="org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor"> <property name="securedObject" ref="serviceBean"/> </bean> + + <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter"> + <constructor-arg ref="claimsInterceptor"/> + </bean> <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt-authn-authz}/signedjwtauthz";> <jaxrs:serviceBeans> diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml index 3c5118a..a56ebd3 100644 --- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml +++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/saml/secureServer.xml @@ -48,9 +48,12 @@ under the License. <bean id="serviceBean" class="org.apache.cxf.systest.jaxrs.security.saml.SecureBookStore"/> <bean id="serviceBeanClaims" class="org.apache.cxf.systest.jaxrs.security.saml.SecureClaimBookStore"/> <bean id="samlEnvHandler" class="org.apache.cxf.rs.security.saml.SamlEnvelopedInHandler"/> - <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter"> + <bean id="claimsInterceptor" class="org.apache.cxf.rt.security.claims.interceptor.ClaimsAuthorizingInterceptor"> <property name="securedObject" ref="serviceBeanClaims"/> </bean> + <bean id="claimsHandler" class="org.apache.cxf.jaxrs.security.ClaimsAuthorizingFilter"> + <constructor-arg ref="claimsInterceptor"/> + </bean> <bean id="authorizationInterceptor" class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor"> <property name="securedObject" ref="serviceBean"/> </bean>
