[2/2] cxf git commit: NPE fix if a SAML Issuer is null

[coheigea]

NPE fix if a SAML Issuer is null

# Conflicts:
#   
rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/89d74c90
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/89d74c90
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/89d74c90

Branch: refs/heads/3.1.x-fixes
Commit: 89d74c9041b9fa9bd2f944a85fce9b1b2546238b
Parents: a41f31c
Author: Colm O hEigeartaigh 
Authored: Thu Aug 10 15:10:58 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Thu Aug 10 15:32:51 2017 +0100

--
 .../cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/89d74c90/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
--
diff --git 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 6037934..c7d9cf8 100644
--- 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -168,8 +168,8 @@ public class SAMLSSOResponseValidator {
 }
 
 // Issuer value must match (be contained in) Issuer IDP
-if (enforceKnownIssuer && !issuerIDP.startsWith(issuer.getValue())) {
-LOG.fine("Issuer value: " + issuer.getValue() + " does not match 
issuer IDP: " 
+if (enforceKnownIssuer && (issuer.getValue() == null || 
!issuerIDP.startsWith(issuer.getValue( {
+LOG.fine("Issuer value: " + issuer.getValue() + " does not match 
issuer IDP: "
 + issuerIDP);
 throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, 
"invalidSAMLsecurity");
 }

cxf git commit: NPE fix if a SAML Issuer is null

[coheigea]

Repository: cxf
Updated Branches:
  refs/heads/master b62ea1115 -> c6ec59987


NPE fix if a SAML Issuer is null


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c6ec5998
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c6ec5998
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c6ec5998

Branch: refs/heads/master
Commit: c6ec599873a67cccae0a75270900c1cbec2cd796
Parents: b62ea11
Author: Colm O hEigeartaigh 
Authored: Thu Aug 10 15:10:58 2017 +0100
Committer: Colm O hEigeartaigh 
Committed: Thu Aug 10 15:31:46 2017 +0100

--
 .../apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/c6ec5998/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
--
diff --git 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 5d38be7..0e70836 100644
--- 
a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ 
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -172,7 +172,7 @@ public class SAMLSSOResponseValidator {
 }
 
 // Issuer value must match (be contained in) Issuer IDP
-if (enforceKnownIssuer && !issuerIDP.startsWith(issuer.getValue())) {
+if (enforceKnownIssuer && (issuer.getValue() == null || 
!issuerIDP.startsWith(issuer.getValue( {
 LOG.fine("Issuer value: " + issuer.getValue() + " does not match 
issuer IDP: "
 + issuerIDP);
 throw new 
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, 
"invalidSAMLsecurity");