You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2014/10/17 11:01:24 UTC
svn commit: r1632518 - in
/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security:
message/DOMCallbackLookup.java util/WSSecurityUtil.java
Author: coheigea
Date: Fri Oct 17 09:01:24 2014
New Revision: 1632518
URL: http://svn.apache.org/r1632518
Log:
[WSS-517] - Cannot resolve WSS signature reference URI that points to AssertionID attribute of SAML 1.1 token
Conflicts:
src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java
Modified:
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java
webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java?rev=1632518&r1=1632517&r2=1632518&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/DOMCallbackLookup.java Fri Oct 17 09:01:24 2014
@@ -53,19 +53,21 @@ public class DOMCallbackLookup implement
public Element getElement(
String id, String valueType, boolean checkMultipleElements
) throws WSSecurityException {
+ String idToMatch = WSSecurityUtil.getIDFromReference(id);
+
//
// Try the SOAP Body first
//
Element bodyElement = WSSecurityUtil.findBodyElement(doc);
if (bodyElement != null) {
String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
- if (cId.equals(id)) {
+ if (cId.equals(idToMatch)) {
return bodyElement;
}
}
// Otherwise do a general search
Element foundElement =
- WSSecurityUtil.findElementById(doc.getDocumentElement(), id, checkMultipleElements);
+ WSSecurityUtil.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
if (foundElement != null) {
return foundElement;
}
@@ -80,7 +82,7 @@ public class DOMCallbackLookup implement
|| valueType == null) {
return
WSSecurityUtil.findSAMLAssertionElementById(
- doc.getDocumentElement(), id
+ doc.getDocumentElement(), idToMatch
);
}
Modified: webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java?rev=1632518&r1=1632517&r2=1632518&view=diff
==============================================================================
--- webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java (original)
+++ webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/util/WSSecurityUtil.java Fri Oct 17 09:01:24 2014
@@ -640,6 +640,9 @@ public final class WSSecurityUtil {
* correctly formed
*/
public static String getIDFromReference(String ref) {
+ if (ref == null) {
+ return null;
+ }
String id = ref.trim();
if (id.length() == 0) {
return null;