You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/08/04 11:58:34 UTC
svn commit: r1153817 -
/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
Author: coheigea
Date: Thu Aug 4 09:58:34 2011
New Revision: 1153817
URL: http://svn.apache.org/viewvc?rev=1153817&view=rev
Log:
[CXF-3708] - A validated and transformed SAML Token is not cached in the STSTokenValidator
Modified:
cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java?rev=1153817&r1=1153816&r2=1153817&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenValidator.java Thu Aug 4 09:58:34 2011
@@ -19,6 +19,7 @@
package org.apache.cxf.ws.security.trust;
+import java.util.Arrays;
import java.util.List;
import org.w3c.dom.Element;
@@ -68,8 +69,12 @@ public class STSTokenValidator implement
Element tokenElement = null;
int hash = 0;
if (credential.getAssertion() != null) {
+ AssertionWrapper assertion = credential.getAssertion();
+ byte[] signatureValue = assertion.getSignatureValue();
+ if (signatureValue != null && signatureValue.length > 0) {
+ hash = Arrays.hashCode(signatureValue);
+ }
tokenElement = credential.getAssertion().getElement();
- hash = credential.getAssertion().hashCode();
} else if (credential.getUsernametoken() != null) {
tokenElement = credential.getUsernametoken().getElement();
hash = credential.getUsernametoken().hashCode();