Author: coheigea
Date: Tue Dec 3 11:43:21 2013
New Revision: 1547348
URL: http://svn.apache.org/r1547348
Log:
Make sure we can process a SAML Signature KeyInfo which uses a
SecurityTokenReference
Conflicts:
src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
src/main/java/org/apache/ws/security/saml/SAMLUtil.java
src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java?rev=1547348&r1=1547347&r2=1547348&view=diff
==============================================================================
---
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
(original)
+++
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/processor/SAMLTokenProcessor.java
Tue Dec 3 11:43:21 2013
@@ -143,8 +143,8 @@ public class SAMLTokenProcessor implemen
);
}
SAMLKeyInfo samlKeyInfo =
- SAMLUtil.getCredentialDirectlyFromKeyInfo(
- keyInfo.getDOM(), data
+ SAMLUtil.getCredentialFromKeyInfo(
+ keyInfo.getDOM(), data, docInfo,
data.getWssConfig().isWsiBSPCompliant()
);
if (algorithmSuite != null) {
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java?rev=1547348&r1=1547347&r2=1547348&view=diff
==============================================================================
---
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
(original)
+++
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
Tue Dec 3 11:43:21 2013
@@ -353,21 +353,6 @@ public final class SAMLUtil {
node = node.getNextSibling();
}
- return getCredentialDirectlyFromKeyInfo(keyInfoElement, data);
- }
-
- /**
- * This method returns a SAMLKeyInfo corresponding to the credential found
in the
- * KeyInfo (DOM Element) argument.
- * @param keyInfoElement The KeyInfo as a DOM Element
- * @param data The RequestData instance used to obtain configuration
- * @return The credential (as a SAMLKeyInfo object)
- * @throws WSSecurityException
- */
- public static SAMLKeyInfo getCredentialDirectlyFromKeyInfo(
- Element keyInfoElement,
- RequestData data
- ) throws WSSecurityException {
//
// Next marshal the KeyInfo DOM element into a javax KeyInfo object
and get the
// (public key) credential
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java?rev=1547348&r1=1547347&r2=1547348&view=diff
==============================================================================
---
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
(original)
+++
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/saml/ext/AssertionWrapper.java
Tue Dec 3 11:43:21 2013
@@ -540,7 +540,7 @@ public class AssertionWrapper {
);
}
SAMLKeyInfo samlKeyInfo =
- SAMLUtil.getCredentialDirectlyFromKeyInfo(keyInfo.getDOM(),
data);
+ SAMLUtil.getCredentialFromKeyInfo(keyInfo.getDOM(), data,
docInfo, data.getWssConfig().isWsiBSPCompliant());
verifySignature(samlKeyInfo);
} else {
LOG.debug("AssertionWrapper: no signature to validate");
