You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2014/02/21 15:15:45 UTC

git commit: Avoid NPE in SecureConversation code

Repository: cxf
Updated Branches:
  refs/heads/master 55a4b7bf9 -> 0bbd3da67


Avoid NPE in SecureConversation code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0bbd3da6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0bbd3da6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0bbd3da6

Branch: refs/heads/master
Commit: 0bbd3da675bd37691bb5bb247fa9ec186dcec45c
Parents: 55a4b7b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 21 14:09:06 2014 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 21 14:09:21 2014 +0000

----------------------------------------------------------------------
 .../SecureConversationTokenInterceptorProvider.java         | 9 +++++++++
 1 file changed, 9 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/0bbd3da6/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
index 9d4cbc1..4932c2c 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationTokenInterceptorProvider.java
@@ -21,9 +21,12 @@ package org.apache.cxf.ws.security.policy.interceptors;
 
 import java.util.Arrays;
 import java.util.Map;
+import java.util.logging.Logger;
 
 import org.apache.cxf.binding.soap.Soap11;
 import org.apache.cxf.binding.soap.SoapMessage;
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.ws.policy.AbstractPolicyInterceptorProvider;
 import org.apache.cxf.ws.policy.AssertionInfoMap;
@@ -45,6 +48,8 @@ import org.apache.wss4j.policy.model.SupportingTokens;
 public class SecureConversationTokenInterceptorProvider extends AbstractPolicyInterceptorProvider {
 
     private static final long serialVersionUID = 8739057200687855383L;
+    private static final Logger LOG = 
+        LogUtils.getL7dLogger(SecureConversationTokenInterceptorProvider.class);
 
 
     public SecureConversationTokenInterceptorProvider() {
@@ -63,6 +68,10 @@ public class SecureConversationTokenInterceptorProvider extends AbstractPolicyIn
                             AssertionInfoMap aim,
                             SecureConversationToken itok,
                             boolean endorse) {
+        if (itok.getBootstrapPolicy() == null || itok.getBootstrapPolicy().getPolicy() == null) {
+            throw new Fault("The SecureConversationToken does not define a BootstrapPolicy", LOG);
+        }
+        
         client.setTrust(NegotiationUtils.getTrust10(aim));
         client.setTrust(NegotiationUtils.getTrust13(aim));
         Policy pol = itok.getBootstrapPolicy().getPolicy();