[
https://issues.apache.org/jira/browse/CXF-3820?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-3820.
------------------------------
Resolution: Fixed
Assignee: Daniel Kulp
I've applied the patch as it certainly doesn't *break* anything and does allow
the security token to be serialized in some cases. However, SecurityTokens
that provide or require a Crypto object will not work as that is transient.
TransportBindingHandler.doSignature and
AbstractBindingBuilder.handleSupportingTokens have calls to token.getCrypto()
that would then return null. In both cases, I believe an NPE would be raised,
but that would need to be verified.
However, outside those two cases, everything certainly looks OK.
> SecurityToken class should be serializable
> ------------------------------------------
>
> Key: CXF-3820
> URL: https://issues.apache.org/jira/browse/CXF-3820
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.4.2
> Reporter: Anubhav Sharma
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.4.3
>
> Attachments: 0047-made-SecurityToken-serializable.patch
>
>
> Class org.apache.cxf.ws.security.tokenstore.SecurityToken should implement
> serializable. This will allow users to use this class for presistent cache.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
