Author: gmazza
Date: Fri Jul 30 00:59:44 2010
New Revision: 980623
URL: http://svn.apache.org/viewvc?rev=980623&view=rev
Log:
Switch to using a KeyIdentifier instead of a Reference for SAML tokens within
the EncryptedData element of the SOAP request body (see CXF-2894). This change
will have no effect until WSS4J's WSSecEncrypt is similarly updated (patch forthcoming).
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java?rev=980623&r1=980622&r2=980623&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/SymmetricBindingHandler.java
Fri Jul 30 00:59:44 2010
@@ -430,7 +430,6 @@ public class SymmetricBindingHandler ext
if (id.startsWith("#")) {
id = id.substring(1);
}
-
dkEncr.setExternalKey(encrTok.getSecret(), id);
} else {
dkEncr.setExternalKey(encrTok.getSecret(),
encrTok.getId());
@@ -498,9 +497,14 @@ public class SymmetricBindingHandler ext
encr.setUseKeyIdentifier(true);
encr.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);
}
+ } else {
+ if (encrToken instanceof IssuedToken) {
+ encr.setUseKeyIdentifier(true);
+
encr.setCustomReferenceValue(SecurityTokenReference.SAML_ID_URI);
+
encr.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
+ }
}
-
encr.prepare(saaj.getSOAPPart(),
crypto);