You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ws.apache.org by co...@apache.org on 2019/01/21 15:35:50 UTC

svn commit: r1851750 - /webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java

Author: coheigea
Date: Mon Jan 21 15:35:50 2019
New Revision: 1851750

URL: http://svn.apache.org/viewvc?rev=1851750&view=rev
Log:
WSS-640 - Streaming Sender-Vouches validation does not work with SOAP 1.2

Modified:
    webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java

Modified: webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java?rev=1851750&r1=1851749&r2=1851750&view=diff
==============================================================================
--- webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java (original)
+++ webservices/wss4j/branches/2_2_x-fixes/ws-security-stax/src/main/java/org/apache/wss4j/stax/impl/processor/input/SAMLTokenInputHandler.java Mon Jan 21 15:35:50 2019
@@ -559,14 +559,15 @@ public class SAMLTokenInputHandler exten
                 SignedPartSecurityEvent signedPartSecurityEvent = (SignedPartSecurityEvent) securityEvent;
 
                 List<QName> elementPath = signedPartSecurityEvent.getElementPath();
-                if (elementPath.equals(WSSConstants.SOAP_11_BODY_PATH)) {
+                if (WSSUtils.pathMatches(WSSConstants.SOAP_11_BODY_PATH, elementPath, true, false)) {
                     bodySignedPartSecurityEvent = signedPartSecurityEvent;
                 }
             } else if (WSSecurityEventConstants.SignedElement.equals(securityEvent.getSecurityEventType())) {
                 SignedElementSecurityEvent signedPartSecurityEvent = (SignedElementSecurityEvent) securityEvent;
 
                 List<QName> elementPath = signedPartSecurityEvent.getElementPath();
-                if (elementPath.equals(SAML2_TOKEN_PATH) || elementPath.equals(SAML1_TOKEN_PATH)) {
+                if (WSSUtils.pathMatches(SAML2_TOKEN_PATH, elementPath, true, false)
+                    || WSSUtils.pathMatches(SAML1_TOKEN_PATH, elementPath, true, false)) {
                     samlTokenSignedElementSecurityEvents.add(signedPartSecurityEvent);
                 }
             }