You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by co...@apache.org on 2013/06/25 15:52:59 UTC
svn commit: r1496472 -
/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
Author: coheigea
Date: Tue Jun 25 13:52:58 2013
New Revision: 1496472
URL: http://svn.apache.org/r1496472
Log:
[WSS-455] - Certificate validation in SignatureTrustValidator
- Patch applied, thanks
Modified:
webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java?rev=1496472&r1=1496471&r2=1496472&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java (original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/SignatureTrustValidator.java Tue Jun 25 13:52:58 2013
@@ -30,6 +30,7 @@ import java.util.regex.Pattern;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.CryptoType;
+import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.handler.RequestData;
@@ -151,7 +152,7 @@ public class SignatureTrustValidator imp
//
// FIRST step - Search the keystore for the transmitted certificate
//
- if (!enableRevocation && isCertificateInKeyStore(crypto, cert)) {
+ if (!enableRevocation && (crypto instanceof Merlin) && isCertificateInKeyStore(crypto, cert)) {
return true;
}