Author: ruchithf
Date: Sat Sep 29 10:28:40 2007
New Revision: 580614
URL: http://svn.apache.org/viewvc?rev=580614&view=rev
Log:
Sometime we have only a SAML token to identify the requester and leaving it to
the issuer to to handle
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasData.java
Modified:
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasData.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasData.java?rev=580614&r1=580613&r2=580614&view=diff
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasData.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-trust/src/main/java/org/apache/rahas/RahasData.java
Sat Sep 29 10:28:40 2007
@@ -24,6 +24,7 @@
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.handler.WSHandlerResult;
+import org.opensaml.SAMLAssertion;
import javax.xml.namespace.QName;
@@ -75,6 +76,8 @@
private OMElement claimElem;
private String claimDialect;
+
+ private SAMLAssertion assertion;
/**
* Create a new RahasData instance and populate it with the information
from
* the request.
@@ -167,11 +170,15 @@
.get(WSSecurityEngineResult.TAG_X509_CERTIFICATES);
this.clientCert = certificates[0];
this.principal = this.clientCert.getSubjectDN();
+ } else if (act == WSConstants.ST_UNSIGNED) {
+ this.assertion = (SAMLAssertion) wser
+
.get(WSSecurityEngineResult.TAG_SAML_ASSERTION);
+
}
}
}
- // If the principal is missing
- if (principal == null) {
+ // If the principal or a SAML assertion is missing
+ if (this.principal == null && this.assertion == null) {
throw new TrustException(TrustException.REQUEST_FAILED);
}
}
