You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/10/27 13:49:17 UTC
svn commit: r1189707 -
/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
Author: coheigea
Date: Thu Oct 27 11:49:17 2011
New Revision: 1189707
URL: http://svn.apache.org/viewvc?rev=1189707&view=rev
Log:
Added a check for an X.509 token in the InitiatorToken of the AsymmetricBindingPolicyValidator
Modified:
cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java?rev=1189707&r1=1189706&r2=1189707&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java (original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AsymmetricBindingPolicyValidator.java Thu Oct 27 11:49:17 2011
@@ -19,6 +19,8 @@
package org.apache.cxf.ws.security.wss4j.policyvalidators;
+import java.security.cert.X509Certificate;
+
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@@ -28,6 +30,8 @@ import org.apache.cxf.ws.policy.Assertio
import org.apache.cxf.ws.policy.AssertionInfoMap;
import org.apache.cxf.ws.security.policy.SP12Constants;
import org.apache.cxf.ws.security.policy.model.AsymmetricBinding;
+import org.apache.cxf.ws.security.policy.model.Token;
+import org.apache.cxf.ws.security.policy.model.X509Token;
import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSSecurityEngineResult;
@@ -102,6 +106,19 @@ public class AsymmetricBindingPolicyVali
AssertionInfoMap aim
) {
if (binding.getInitiatorToken() != null) {
+ Token token = binding.getInitiatorToken().getToken();
+ if (token instanceof X509Token) {
+ for (WSSecurityEngineResult result : signedResults) {
+ X509Certificate cert =
+ (X509Certificate)result.get(WSSecurityEngineResult.TAG_X509_CERTIFICATE);
+ if (cert == null) {
+ String error = "An X.509 certificate was not used for the initiator token";
+ notAssertPolicy(aim, binding.getInitiatorToken().getName(), error);
+ ai.setNotAsserted(error);
+ return false;
+ }
+ }
+ }
assertPolicy(aim, binding.getInitiatorToken());
if (!checkDerivedKeys(
binding.getInitiatorToken(), hasDerivedKeys, signedResults, encryptedResults