UsernameToken handles long strings badly
----------------------------------------
Key: WSS-385
URL: https://issues.apache.org/jira/browse/WSS-385
Project: WSS4J
Issue Type: Bug
Affects Versions: 1.6.4
Reporter: Konstantin V. Salikhov
Assignee: Colm O hEigeartaigh
Priority: Minor
While using WSS4J with CXF webservices I've found an issue with large strings
in usernametoken fields. When username or password is very long (3500 chars and
more) their content is trimmed - and don't even ask how I've found it :)
The problem is in class org.apache.ws.security.message.token.UsernameToken.
There is a method "private String nodeString(Element e)" that takes an Element
of token and returns its text representation.
When token property is very long XML parser emits more than one text node, but
method gets text only from the first node - this is totally bad.
Possible solution is to replace this method with something like
private String nodeString(Element e) {
if (e != null) {
return e.getTextContent()
}
return null;
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
