You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2015/11/03 11:41:19 UTC
svn commit: r1712246 - in /webservices/wss4j/trunk/ws-security-dom/src:
main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java
Author: coheigea
Date: Tue Nov 3 10:41:18 2015
New Revision: 1712246
URL: http://svn.apache.org/viewvc?rev=1712246&view=rev
Log:
[WSS-560] - NullPointerException in WSSecEncrypt when encrypted header element has attributes. Thanks to Ross M. Lodge for the patch.
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java?rev=1712246&r1=1712245&r2=1712246&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/WSSecEncrypt.java Tue Nov 3 10:41:18 2015
@@ -708,8 +708,8 @@ public class WSSecEncrypt extends WSSecE
NamedNodeMap map = elementToEncrypt.getAttributes();
for (int i = 0; i < map.getLength(); i++) {
Attr attr = (Attr)map.item(i);
- if (attr.getNamespaceURI().equals(WSConstants.URI_SOAP11_ENV)
- || attr.getNamespaceURI().equals(WSConstants.URI_SOAP12_ENV)) {
+ if (WSConstants.URI_SOAP11_ENV.equals(attr.getNamespaceURI())
+ || WSConstants.URI_SOAP12_ENV.equals(attr.getNamespaceURI())) {
String soapEnvPrefix =
XMLUtils.setNamespace(
elem, attr.getNamespaceURI(), WSConstants.DEFAULT_SOAP_PREFIX
Modified: webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java?rev=1712246&r1=1712245&r2=1712246&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/message/EncryptionPartsTest.java Tue Nov 3 10:41:18 2015
@@ -56,6 +56,7 @@ public class EncryptionPartsTest extends
" <foo:bar1>baz1</foo:bar1>" +
" <foo:foobar>baz</foo:foobar>" +
" <foo:bar2>baz2</foo:bar2>" +
+ " <foo:with-attributes some-attribute=\"3\">baz</foo:with-attributes>" +
" </soapenv:Header>" +
" <soapenv:Body>" +
" <ns1:testMethod xmlns:ns1=\"http://axis/service/security/test6/LogTestService8\"></ns1:testMethod>" +
@@ -296,6 +297,54 @@ public class EncryptionPartsTest extends
}
/**
+ * Test encrypting a custom SOAP header using wsse11:EncryptedHeader
+ */
+ @SuppressWarnings("unchecked")
+ @org.junit.Test
+ public void testSOAPEncryptedHeaderWithAttributes() throws Exception {
+ WSSecEncrypt encrypt = new WSSecEncrypt();
+ encrypt.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+ encrypt.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPMSG);
+ WSSecHeader secHeader = new WSSecHeader(doc);
+ secHeader.insertSecurityHeader();
+
+ WSEncryptionPart encP =
+ new WSEncryptionPart(
+ "with-attributes",
+ "urn:foo.bar",
+ "Header");
+ encrypt.getParts().add(encP);
+
+ Document encryptedDoc = encrypt.build(doc, crypto, secHeader);
+
+ String outputString =
+ XMLUtils.PrettyDocumentToString(encryptedDoc);
+ if (LOG.isDebugEnabled()) {
+ LOG.debug(outputString);
+ }
+ assertTrue(outputString.contains("wsse11:EncryptedHeader"));
+ assertFalse(outputString.contains("foo:with-attributes"));
+
+ WSHandlerResult results = verify(encryptedDoc);
+
+ WSSecurityEngineResult actionResult =
+ results.getActionResults().get(WSConstants.ENCR).get(0);
+ assertTrue(actionResult != null);
+ assertFalse(actionResult.isEmpty());
+ final java.util.List<WSDataRef> refs =
+ (java.util.List<WSDataRef>) actionResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS);
+
+ assertEquals(WSConstants.KEYTRANSPORT_RSAOEP,
+ actionResult.get(WSSecurityEngineResult.TAG_ENCRYPTED_KEY_TRANSPORT_METHOD));
+
+ WSDataRef wsDataRef = refs.get(0);
+ String xpath = wsDataRef.getXpath();
+ assertEquals("/soapenv:Envelope/soapenv:Header/foo:with-attributes", xpath);
+ }
+
+ /**
* Test encrypting a custom SOAP header with a bad localname
*/
@org.junit.Test