You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ws.apache.org by co...@apache.org on 2013/05/14 13:25:21 UTC

svn commit: r1482303 - /webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java

Author: coheigea
Date: Tue May 14 11:25:21 2013
New Revision: 1482303

URL: http://svn.apache.org/r1482303
Log:
Only require a Signature Verification Crypto if the SAML Token is signed

Modified:
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java?rev=1482303&r1=1482302&r2=1482303&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java (original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/wss4j/stax/validate/SamlTokenValidatorImpl.java Tue May 14 11:25:21 2013
@@ -22,15 +22,11 @@ import org.apache.wss4j.common.crypto.Cr
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.stax.securityToken.SamlSecurityToken;
-import org.apache.wss4j.stax.ext.WSSConfigurationException;
 import org.apache.wss4j.stax.impl.securityToken.SamlSecurityTokenImpl;
 import org.apache.xml.security.stax.securityToken.InboundSecurityToken;
 
 public class SamlTokenValidatorImpl extends SignatureTokenValidatorImpl implements SamlTokenValidator {
     
-    private static final transient org.slf4j.Logger log =
-        org.slf4j.LoggerFactory.getLogger(SamlTokenValidatorImpl.class);
-    
     /**
      * The time in seconds in the future within which the NotBefore time of an incoming
      * Assertion is valid. The default is 60 seconds.
@@ -77,11 +73,8 @@ public class SamlTokenValidatorImpl exte
         validateAssertion(samlAssertionWrapper);
 
         Crypto sigVerCrypto = null;
-        try {
+        if (samlAssertionWrapper.isSigned()) {
             sigVerCrypto = tokenContext.getWssSecurityProperties().getSignatureVerificationCrypto();
-        } catch (WSSConfigurationException ex) {
-            // A Signature Verification Crypto instance may not be required
-            log.warn(ex.getMessage(), ex);
         }
         SamlSecurityTokenImpl securityToken = new SamlSecurityTokenImpl(
                 samlAssertionWrapper, subjectSecurityToken,