Author: coheigea
Date: Tue May 24 16:20:36 2011
New Revision: 1127129
URL: http://svn.apache.org/viewvc?rev=1127129&view=rev
Log:
Add a BinarySecurityToken to the security header for the asymmetric case, if it
is required and we are not signing anything.
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java?rev=1127129&r1=1127128&r2=1127129&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AsymmetricBindingHandler.java
Tue May 24 16:20:36 2011
@@ -406,6 +406,11 @@ public class AsymmetricBindingHandler ex
sigToken = wrapper.getToken();
sigParts.addAll(this.getSignedParts());
if (sigParts.isEmpty()) {
+ // Add the BST to the security header if required
+ if (!attached && includeToken(sigToken.getInclusion())) {
+ WSSecSignature sig = getSignatureBuilder(wrapper, sigToken,
attached, false);
+ sig.prependBSTElementToHeader(secHeader);
+ }
return;
}
if (sigToken.isDerivedKeys()) {
