Fix for potential ClassCastException
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2449d398 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2449d398 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2449d398 Branch: refs/heads/2.7.x-fixes Commit: 2449d398832234a56fbaf923ff9066b1788794ce Parents: ab8286d Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Dec 1 16:30:15 2014 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Dec 1 16:30:15 2014 +0000 ---------------------------------------------------------------------- .../ws/security/wss4j/WSS4JInInterceptor.java | 36 +++++++++++--------- 1 file changed, 19 insertions(+), 17 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/2449d398/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java index e1c5b52..c8318f1 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java @@ -680,26 +680,28 @@ public class WSS4JInInterceptor extends AbstractWSS4JInterceptor { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { - WSPasswordCallback pc = (WSPasswordCallback)callbacks[i]; - - String id = pc.getIdentifier(); - - if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType()) - || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) { - for (String tokenId : store.getTokenIdentifiers()) { - SecurityToken token = store.getToken(tokenId); - if (token != null && id.equals(token.getSHA1())) { - pc.setKey(token.getSecret()); + if (callbacks[i] instanceof WSPasswordCallback) { + WSPasswordCallback pc = (WSPasswordCallback)callbacks[i]; + + String id = pc.getIdentifier(); + + if (SecurityTokenReference.ENC_KEY_SHA1_URI.equals(pc.getType()) + || WSConstants.WSS_KRB_KI_VALUE_TYPE.equals(pc.getType())) { + for (String tokenId : store.getTokenIdentifiers()) { + SecurityToken token = store.getToken(tokenId); + if (token != null && id.equals(token.getSHA1())) { + pc.setKey(token.getSecret()); + return; + } + } + } else { + SecurityToken tok = store.getToken(id); + if (tok != null) { + pc.setKey(tok.getSecret()); + pc.setCustomToken(tok.getToken()); return; } } - } else { - SecurityToken tok = store.getToken(id); - if (tok != null) { - pc.setKey(tok.getSecret()); - pc.setCustomToken(tok.getToken()); - return; - } } } if (internal != null) {
