Author: coheigea
Date: Mon Jun 6 16:53:51 2011
New Revision: 1132701
URL: http://svn.apache.org/viewvc?rev=1132701&view=rev
Log:
NPE guard.
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java?rev=1132701&r1=1132700&r2=1132701&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/str/SignatureSTRParser.java
Mon Jun 6 16:53:51 2011
@@ -457,6 +457,11 @@ public class SignatureSTRParser implemen
BSPEnforcer.checkSamlTokenBSPCompliance(secRef, assertion);
}
SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
+ if (keyInfo == null) {
+ throw new WSSecurityException(
+ WSSecurityException.FAILURE, "invalidSAMLsecurity"
+ );
+ }
X509Certificate[] foundCerts = keyInfo.getCerts();
if (foundCerts != null) {
certs = new X509Certificate[]{foundCerts[0]};
