[03/10] cxf git commit: Picking up some WSS4J trunk changes

Fri, 13 Mar 2015 04:08:16 -0700 

Picking up some WSS4J trunk changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/80d7128a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/80d7128a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/80d7128a

Branch: refs/heads/master
Commit: 80d7128a3ba1944a603c73e5e908d86c9bf27648
Parents: 2426a08
Author: Colm O hEigeartaigh <[email protected]>
Authored: Tue Feb 24 14:40:10 2015 +0000
Committer: Colm O hEigeartaigh <[email protected]>
Committed: Tue Feb 24 14:40:10 2015 +0000

----------------------------------------------------------------------
 .../org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/80d7128a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
----------------------------------------------------------------------
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
index cff4c53..b8c71a7 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
@@ -273,13 +273,14 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
                 || 
MessageUtils.isTrue(msg.getContextualProperty(SecurityConstants.ENABLE_REVOCATION));
             reqData.setEnableRevocation(enableRevocation);
             
-            Element elem = WSSecurityUtil.getSecurityHeader(doc.getSOAPPart(), 
actor);
+            Element elem = 
+                WSSecurityUtil.getSecurityHeader(doc.getSOAPHeader(), actor, 
version.getVersion() != 1.1);
 
             List<WSSecurityEngineResult> wsResult = 
engine.processSecurityHeader(
                 elem, reqData
             );
             
-            if (wsResult != null && !wsResult.isEmpty()) { // security header 
found
+            if (!wsResult.isEmpty()) { // security header found
                 if (reqData.getWssConfig().isEnableSignatureConfirmation()) {
                     checkSignatureConfirmation(reqData, wsResult);
                 }
@@ -294,9 +295,6 @@ public class WSS4JInInterceptor extends 
AbstractWSS4JInterceptor {
                     wsResult, utWithCallbacks
                 );
             } else { // no security header found
-                // Create an empty result list to pass into the required 
validation
-                // methods.
-                wsResult = new ArrayList<WSSecurityEngineResult>();
                 if (doc.getSOAPPart().getEnvelope().getBody().hasFault() && 
isRequestor(msg)) {
                     LOG.warning("The request is a SOAP Fault, but it is not 
secured");
                     // We allow lax action matching here for backwards 
compatibility

Reply via email to