You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by gi...@apache.org on 2013/07/11 19:42:53 UTC

svn commit: r1502295 - /webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java

Author: giger
Date: Thu Jul 11 17:42:53 2013
New Revision: 1502295

URL: http://svn.apache.org/r1502295
Log:
do not rely on soap:Envelope end element but use the doFinal() method for the final policy verification

Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java?rev=1502295&r1=1502294&r2=1502295&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java (original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/main/java/org/apache/wss4j/policy/stax/PolicyInputProcessor.java Thu Jul 11 17:42:53 2013
@@ -30,7 +30,6 @@ import org.apache.wss4j.stax.securityEve
 import org.apache.wss4j.stax.securityEvent.SignedPartSecurityEvent;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.*;
-import org.apache.xml.security.stax.ext.stax.XMLSecEndElement;
 import org.apache.xml.security.stax.ext.stax.XMLSecEvent;
 import org.apache.xml.security.stax.ext.stax.XMLSecStartElement;
 import org.apache.xml.security.stax.securityEvent.ContentEncryptedElementSecurityEvent;
@@ -115,18 +114,6 @@ public class PolicyInputProcessor extend
                     policyEnforcer.registerSecurityEvent(requiredElementSecurityEvent);
                 }
                 break;
-            case XMLStreamConstants.END_ELEMENT:
-                XMLSecEndElement xmlSecEndElement = xmlSecEvent.asEndElement();
-                //ns mismatch should be detected by the xml parser so a local-name equality check should be enough
-                if (xmlSecEndElement.getDocumentLevel() == 1
-                        && xmlSecEvent.asEndElement().getName().getLocalPart().equals(WSSConstants.TAG_soap_Envelope_LocalName)) {
-                    try {
-                        policyEnforcer.doFinal();
-                    } catch (WSSPolicyException e) {
-                        throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
-                    }
-                }
-                break;
         }
 
         //if transport security is active, every element is encrypted/signed
@@ -156,6 +143,16 @@ public class PolicyInputProcessor extend
         return xmlSecEvent;
     }
 
+    @Override
+    public void doFinal(InputProcessorChain inputProcessorChain) throws XMLStreamException, XMLSecurityException {
+        try {
+            policyEnforcer.doFinal();
+        } catch (WSSPolicyException e) {
+            throw new WSSecurityException(WSSecurityException.ErrorCode.INVALID_SECURITY, e);
+        }
+        super.doFinal(inputProcessorChain);
+    }
+
     private void testSignaturePolicy(XMLSecEvent xmlSecEvent, List<QName> elementPath) throws WSSecurityException {
         if (xmlSecEvent.getEventType() == XMLStreamConstants.START_ELEMENT) {
             final int documentLevel = elementPath.size();