This is an automated email from the ASF dual-hosted git repository. robertlazarski pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-rampart.git
commit 32f00ce8d28ae965727746a7f1bc87c0bba381d5 Author: Robert Lazarski <robertlazar...@gmail.com> AuthorDate: Wed Nov 6 10:55:45 2024 -1000 RAMPART-234 Allow custom https listeners to populate the client certificate chain in the message context --- .../src/main/java/org/apache/rampart/util/RampartUtil.java | 4 +--- .../src/main/resources/org/apache/rampart/errors.properties | 1 - 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java index c09ca1ab..5f8cc5b2 100644 --- a/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java +++ b/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java @@ -1883,9 +1883,6 @@ public class RampartUtil { } } - MessageContext messageContext = messageData.getMsgContext(); - HttpServletRequest request = ((HttpServletRequest) messageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)); - // verify client certificate used // try to obtain the client certificate chain directly from the message context // and then from the servlet request @@ -1898,6 +1895,7 @@ public class RampartUtil { } else { Object requestProperty = msgContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST); if (requestProperty instanceof HttpServletRequest) { + HttpServletRequest request = (HttpServletRequest)requestProperty; Object certificateChain = request.getAttribute("javax.servlet.request.X509Certificate"); //$NON-NLS-1$ if (certificateChain instanceof X509Certificate[]) { // HTTPS client certificate chain found diff --git a/modules/rampart-core/src/main/resources/org/apache/rampart/errors.properties b/modules/rampart-core/src/main/resources/org/apache/rampart/errors.properties index fea93359..1231c2c4 100644 --- a/modules/rampart-core/src/main/resources/org/apache/rampart/errors.properties 
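Review bot: In the second RampartUtil hunk, the servlet-request branch accepts the attribute on `certificateChain instanceof X509Certificate[]` alone, and a zero-length array also passes that test. Since the commit title says custom HTTPS listeners may now supply the chain, a guard such as `if (certificateChain instanceof X509Certificate[] && ((X509Certificate[]) certificateChain).length > 0)` would ensure that "HTTPS client certificate chain found" means at least one certificate is present. The message-context lookup described in the comment above would need the same guard if it uses the same test, but that code, and the body of this `if`, lie outside the hunk and could not be checked. A short comment on the new cast line, for example `// the servlet request is optional: custom listeners may not provide one`, would record why the unconditional cast was removed.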
+++ b/modules/rampart-core/src/main/resources/org/apache/rampart/errors.properties @@ -103,7 +103,6 @@ invalidTransport = Expected transport is "https" but incoming transport found : requiredElementsMissing = Required Elements not found in the incoming message : {0} httpsVerificationFailed = Unable to verify HTTPS transport usage: incoming transport description is unavailable httpsClientCertValidationFailed = Unable to verify HTTPS client certificate usage: client certificate chain is not available. -requiredElementsMissing = Required Elements not found in the incoming message : {0} repeatingNonceValue = Nonce value : {0}, already seen before for user name : {1}. Possibly this could be a replay attack. invalidNonceLifeTime = Invalid value for nonceLifeTime in rampart configuration file. invalidIssuerAddress = Invalid value for Issuer