You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2011/05/05 13:48:10 UTC
svn commit: r1099762 - in /webservices/wss4j/trunk/src:
main/java/org/apache/ws/security/message/WSSecSignature.java
test/java/org/apache/ws/security/message/SignatureTest.java
Author: coheigea
Date: Thu May 5 11:48:09 2011
New Revision: 1099762
URL: http://svn.apache.org/viewvc?rev=1099762&view=rev
Log:
[WSS-283] - Patch applied and test added.
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignature.java
webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java
Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignature.java?rev=1099762&r1=1099761&r2=1099762&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignature.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/message/WSSecSignature.java Thu May 5 11:48:09 2011
@@ -39,6 +39,7 @@ import org.apache.ws.security.util.WSSec
import org.w3c.dom.Document;
import org.w3c.dom.Element;
+import org.w3c.dom.Node;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
@@ -484,7 +485,11 @@ public class WSSecSignature extends WSSe
XMLSignContext signContext = null;
if (prepend) {
if (siblingElement == null) {
- siblingElement = (Element)securityHeader.getFirstChild();
+ Node child = securityHeader.getFirstChild();
+ while (child != null && child.getNodeType() != Node.ELEMENT_NODE) {
+ child = child.getNextSibling();
+ }
+ siblingElement = (Element)child;
}
if (siblingElement == null) {
signContext = new DOMSignContext(key, securityHeader);
Modified: webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java?rev=1099762&r1=1099761&r2=1099762&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java (original)
+++ webservices/wss4j/trunk/src/test/java/org/apache/ws/security/message/SignatureTest.java Thu May 5 11:48:09 2011
@@ -37,6 +37,8 @@ import org.apache.ws.security.components
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
/**
@@ -555,6 +557,35 @@ public class SignatureTest extends org.j
verify(doc);
}
+
+ /**
+ * This is a test for WSS-283 - "ClassCastException when signing message with existing
+ * WSSE header containing Text as first child":
+ *
+ * https://issues.apache.org/jira/browse/WSS-283
+ */
+ @org.junit.Test
+ public void testWSS283() throws Exception {
+ WSSecSignature builder = new WSSecSignature();
+ builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
+ builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
+
+ Document doc = SOAPUtil.toSOAPPart(SOAPUtil.SAMPLE_SOAP_MSG);
+ WSSecHeader secHeader = new WSSecHeader();
+ Element secHeaderElement = secHeader.insertSecurityHeader(doc);
+ Node textNode = doc.createTextNode("This is a text node");
+ secHeaderElement.appendChild(textNode);
+ Document signedDoc = builder.build(doc, crypto, secHeader);
+
+ if (LOG.isDebugEnabled()) {
+ LOG.debug("Signed message with text node:");
+ String outputString =
+ org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(signedDoc);
+ LOG.debug(outputString);
+ }
+
+ verify(signedDoc);
+ }
/**
* Verifies the soap envelope.