You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2012/11/22 11:13:37 UTC

svn commit: r1412479 - in /webservices/wss4j/trunk: ws-security-common/src/main/java/org/apache/ws/security/common/saml/ ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/

Author: coheigea
Date: Thu Nov 22 10:13:36 2012
New Revision: 1412479

URL: http://svn.apache.org/viewvc?rev=1412479&view=rev
Log:
Porting stricter SAML KeyInfo processing from 1.6.x-fixes

Modified:
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java
    webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java?rev=1412479&r1=1412478&r2=1412479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/AssertionWrapper.java Thu Nov 22 10:13:36 2012
@@ -508,9 +508,7 @@ public class AssertionWrapper {
         if (sig != null) {
             KeyInfo keyInfo = sig.getKeyInfo();
             SAMLKeyInfo samlKeyInfo = 
-                SAMLUtil.getCredentialFromKeyInfo(
-                    keyInfo.getDOM(), keyInfoProcessor, sigCrypto
-                );
+                SAMLUtil.getCredentialDirectlyFromKeyInfo(keyInfo.getDOM(), sigCrypto);
             verifySignature(samlKeyInfo);
         } else {
             LOG.debug("AssertionWrapper: no signature to validate");

Modified: webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java?rev=1412479&r1=1412478&r2=1412479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java (original)
+++ webservices/wss4j/trunk/ws-security-common/src/main/java/org/apache/ws/security/common/saml/SAMLUtil.java Thu Nov 22 10:13:36 2012
@@ -231,6 +231,21 @@ public final class SAMLUtil {
             return samlKeyInfo;
         }
         
+        return getCredentialDirectlyFromKeyInfo(keyInfoElement, sigCrypto);
+    }
+    
+    /**
+     * This method returns a SAMLKeyInfo corresponding to the credential found in the
+     * KeyInfo (DOM Element) argument.
+     * @param keyInfoElement The KeyInfo as a DOM Element
+     * @param sigCrypto A Crypto instance
+     * @return The credential (as a SAMLKeyInfo object)
+     * @throws WSSecurityException
+     */
+    public static SAMLKeyInfo getCredentialDirectlyFromKeyInfo(
+        Element keyInfoElement,
+        Crypto sigCrypto
+    ) throws WSSecurityException {
         //
         // Next marshal the KeyInfo DOM element into a javax KeyInfo object and get the
         // (public key) credential

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java?rev=1412479&r1=1412478&r2=1412479&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/processor/SAMLTokenProcessor.java Thu Nov 22 10:13:36 2012
@@ -150,10 +150,8 @@ public class SAMLTokenProcessor implemen
             
             KeyInfo keyInfo = sig.getKeyInfo();
             SAMLKeyInfo samlKeyInfo = 
-                SAMLUtil.getCredentialFromKeyInfo(
-                    keyInfo.getDOM(), 
-                    new WSSSAMLKeyInfoProcessor(data, docInfo),
-                    data.getSigVerCrypto()
+                SAMLUtil.getCredentialDirectlyFromKeyInfo(
+                    keyInfo.getDOM(), data.getSigVerCrypto()
                 );
             
             if (algorithmSuite != null) {