Author: coheigea
Date: Mon Dec 12 10:32:52 2011
New Revision: 1213181
URL: http://svn.apache.org/viewvc?rev=1213181&view=rev
Log:
Adding tighter enforcement of transforms
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java?rev=1213181&r1=1213180&r2=1213181&view=diff
==============================================================================
---
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
(original)
+++
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
Mon Dec 12 10:32:52 2011
@@ -33,7 +33,7 @@ import org.apache.ws.security.WSConstant
import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSDerivedKeyTokenPrincipal;
import org.apache.ws.security.WSSecurityEngineResult;
-//import org.apache.ws.security.transform.STRTransform;
+import org.apache.ws.security.transform.STRTransform;
/**
* Validate a WSSecurityEngineResult corresponding to the processing of a
Signature, EncryptedKey or
@@ -120,8 +120,7 @@ public class AlgorithmSuitePolicyValidat
);
return false;
}
- /*
- * TODO Re-enable once we upgrade to WSS4J 1.6.4
+
List<String> transformAlgorithms =
dataRef.getTransformAlgorithms();
// Only a max of 2 transforms per reference is allowed
if (transformAlgorithms == null || transformAlgorithms.size() > 2)
{
@@ -135,7 +134,6 @@ public class AlgorithmSuitePolicyValidat
return false;
}
}
- */
}
return true;
}
