You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2014/04/22 18:14:48 UTC
svn commit: r1589193 -
/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
Author: coheigea
Date: Tue Apr 22 16:14:47 2014
New Revision: 1589193
URL: http://svn.apache.org/r1589193
Log:
Check X.509 Certificate first in case we have multiple KeyInfo children
Modified:
santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
Modified: santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java?rev=1589193&r1=1589192&r2=1589193&view=diff
==============================================================================
--- santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java (original)
+++ santuario/xml-security-java/trunk/src/main/java/org/apache/xml/security/stax/impl/securityToken/SecurityTokenFactoryImpl.java Tue Apr 22 16:14:47 2014
@@ -54,6 +54,13 @@ public class SecurityTokenFactoryImpl ex
XMLSecurityProperties securityProperties,
InboundSecurityContext inboundSecurityContext) throws XMLSecurityException {
if (keyInfoType != null) {
+ // X509Data
+ final X509DataType x509DataType =
+ XMLSecurityUtils.getQNameType(keyInfoType.getContent(), XMLSecurityConstants.TAG_dsig_X509Data);
+ if (x509DataType != null) {
+ return getSecurityToken(x509DataType, securityProperties, inboundSecurityContext, keyUsage);
+ }
+
// KeyValue
final KeyValueType keyValueType
= XMLSecurityUtils.getQNameType(keyInfoType.getContent(), XMLSecurityConstants.TAG_dsig_KeyValue);
@@ -70,13 +77,6 @@ public class SecurityTokenFactoryImpl ex
setTokenKey(securityProperties, keyUsage, token);
return token;
}
-
- // X509Data
- final X509DataType x509DataType =
- XMLSecurityUtils.getQNameType(keyInfoType.getContent(), XMLSecurityConstants.TAG_dsig_X509Data);
- if (x509DataType != null) {
- return getSecurityToken(x509DataType, securityProperties, inboundSecurityContext, keyUsage);
- }
}
// Use a default key if it exists