svn commit: r1089912 - in /cxf/trunk/distribution/src/main/release/samples/sts_issue_operation: README.txt src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java

Thu, 07 Apr 2011 08:18:46 -0700 

Author: dkulp
Date: Thu Apr  7 15:18:21 2011
New Revision: 1089912

URL: http://svn.apache.org/viewvc?rev=1089912&view=rev
Log:
Update to canonicalize the reference in the STS
Patch from anubhavsharma applied

Modified:
    
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/README.txt
    
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java

Modified: 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/README.txt
URL: 
http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/README.txt?rev=1089912&r1=1089911&r2=1089912&view=diff
==============================================================================
--- 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/README.txt 
(original)
+++ 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/README.txt 
Thu Apr  7 15:18:21 2011
@@ -3,7 +3,7 @@ STS Issue Operation
 
 This demo illustrates a sample implementation of WS-Trust Issue operation
 for the STS provider framework in CXF. This sample implementation 
-supports UsernameToken and X509Token as request credentials in the RST
+supports X509Token as request credentials in the RST
 and on successful authentication responds back with a signed SAMLToken.
 
 The requestor can request for a SAML 1.1 or a SAML 2.0 token to be issued

Modified: 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java?rev=1089912&r1=1089911&r2=1089912&view=diff
==============================================================================
--- 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java
 (original)
+++ 
cxf/trunk/distribution/src/main/release/samples/sts_issue_operation/src/main/java/demo/sts/provider/operation/impl/SAMLTokenIssueOperation.java
 Thu Apr  7 15:18:21 2011
@@ -30,6 +30,7 @@ import java.security.cert.CertificateExc
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
@@ -329,12 +330,16 @@ public class SAMLTokenIssueOperation imp
         try {
             DigestMethod method = signFactory.newDigestMethod(
                     DigestMethod.SHA1, null);
-            Transform transform = signFactory.newTransform(
+            Transform transform1 = signFactory.newTransform(
                     Transform.ENVELOPED,
                     (TransformParameterSpec) null);
-            Reference ref = signFactory.newReference('#' + refId, method,
-                    Collections.singletonList(transform), null, null);
+            Transform transform2 = signFactory.newTransform(
+                    CanonicalizationMethod.EXCLUSIVE,
+                    (TransformParameterSpec) null);
 
+            Reference ref = signFactory.newReference('#' + refId, method,
+                    Arrays.asList(transform1, transform2), null, null);
+  
             CanonicalizationMethod canonMethod = signFactory
                     .newCanonicalizationMethod(
                             CanonicalizationMethod.EXCLUSIVE,

Reply via email to