You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2011/12/12 11:33:36 UTC

svn commit: r1213182 - /cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java

Author: coheigea
Date: Mon Dec 12 10:33:36 2011
New Revision: 1213182

URL: http://svn.apache.org/viewvc?rev=1213182&view=rev
Log:
Adding tighter enforcement of transforms

Modified:
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java?rev=1213182&r1=1213181&r2=1213182&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AlgorithmSuitePolicyValidator.java Mon Dec 12 10:33:36 2011
@@ -33,7 +33,7 @@ import org.apache.ws.security.WSConstant
 import org.apache.ws.security.WSDataRef;
 import org.apache.ws.security.WSDerivedKeyTokenPrincipal;
 import org.apache.ws.security.WSSecurityEngineResult;
-//import org.apache.ws.security.transform.STRTransform;
+import org.apache.ws.security.transform.STRTransform;
 
 /**
  * Validate a WSSecurityEngineResult corresponding to the processing of a Signature, EncryptedKey or
@@ -120,8 +120,7 @@ public class AlgorithmSuitePolicyValidat
                 );
                 return false;
             }
-            /*
-             * TODO Re-enable once we upgrade to WSS4J 1.6.4
+            
             List<String> transformAlgorithms = dataRef.getTransformAlgorithms();
             // Only a max of 2 transforms per reference is allowed
             if (transformAlgorithms == null || transformAlgorithms.size() > 2) {
@@ -135,7 +134,6 @@ public class AlgorithmSuitePolicyValidat
                     return false;
                 }
             }
-            */
         }
         return true;
     }