This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch coheigea/wss4j-saml-refactor
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/coheigea/wss4j-saml-refactor
by this push:
new 5bd1e54b3b Picking up Saml event changes
5bd1e54b3b is described below
commit 5bd1e54b3b1e5ff6f7eca59697d70b18f1861d79
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Wed Jul 16 12:33:21 2025 +0100
Picking up Saml event changes
---
.../java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java | 2 +-
.../cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java | 4 ++--
.../main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
index 458bbec254..5d786b7703 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSStaxTokenValidator.java
@@ -139,7 +139,7 @@ public class STSStaxTokenValidator
try {
super.verify();
} catch (XMLSecurityException ex) {
- SamlAssertionWrapper assertion =
super.getSamlAssertionWrapper();
+ SamlAssertionWrapper assertion =
(SamlAssertionWrapper)super.getSamlAssertion();
Element tokenElement = assertion.getElement();
validateTokenToSTS(tokenElement, message);
}
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
index 9a61158456..40152808de 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/StaxSecurityContextInInterceptor.java
@@ -223,8 +223,8 @@ public class StaxSecurityContextInInterceptor extends
AbstractPhaseInterceptor<S
// The SAML Assertion must be signed by default
return event.getSecurityToken() != null
- && event.getSecurityToken().getSamlAssertionWrapper() != null
- && (allowUnsignedSamlPrincipals ||
event.getSecurityToken().getSamlAssertionWrapper().isSigned());
+ && event.getSecurityToken().getSamlAssertion() != null
+ && (allowUnsignedSamlPrincipals ||
((SamlAssertionWrapper)event.getSecurityToken().getSamlAssertion()).isSigned());
}
private boolean isUsernameTokenEventAllowed(UsernameTokenSecurityEvent
event, Message msg) {
diff --git
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
index f0ef869f74..16532db008 100644
---
a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
+++
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
@@ -410,8 +410,8 @@ public class TokenIssueOperation extends AbstractOperation
implements IssueOpera
org.apache.xml.security.stax.securityToken.SecurityToken
securityToken =
findInboundSecurityToken(WSSecurityEventConstants.SAML_TOKEN,
messageContext);
if (securityToken instanceof SamlSecurityToken
- &&
((SamlSecurityToken)securityToken).getSamlAssertionWrapper() != null) {
- return
((SamlSecurityToken)securityToken).getSamlAssertionWrapper();
+ && ((SamlSecurityToken)securityToken).getSamlAssertion() !=
null) {
+ return
(SamlAssertionWrapper)((SamlSecurityToken)securityToken).getSamlAssertion();
}
} catch (XMLSecurityException e) {
LOG.log(Level.FINE, e.getMessage(), e);
