You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2011/11/11 18:44:04 UTC

svn commit: r1200990 - /cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java

Author: coheigea
Date: Fri Nov 11 17:44:04 2011
New Revision: 1200990

URL: http://svn.apache.org/viewvc?rev=1200990&view=rev
Log:
A fix for when a UsernameToken is used via a SignedSupportingToken/IssuedToken

Modified:
    cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java

Modified: cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java?rev=1200990&r1=1200989&r2=1200990&view=diff
==============================================================================
--- cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java (original)
+++ cxf/branches/2.4.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java Fri Nov 11 17:44:04 2011
@@ -498,9 +498,13 @@ public abstract class AbstractBindingBui
                 Element clone = cloneElement(secToken.getToken());
                 secToken.setToken(clone);
                 addSupportingElement(clone);
-        
+                
+                String id = secToken.getId();
+                if (id != null && id.charAt(0) == '#') {
+                    id = id.substring(1);
+                }
                 if (suppTokens.isEncryptedToken()) {
-                    this.encryptedTokensIdList.add(secToken.getId());
+                    this.encryptedTokensIdList.add(id);
                 }
         
                 if (secToken.getX509Certificate() == null) {  
@@ -508,7 +512,7 @@ public abstract class AbstractBindingBui
                 } else {
                     WSSecSignature sig = new WSSecSignature(wssConfig);                    
                     sig.setX509Certificate(secToken.getX509Certificate());
-                    sig.setCustomTokenId(secToken.getId());
+                    sig.setCustomTokenId(id);
                     sig.setKeyIdentifierType(WSConstants.CUSTOM_KEY_IDENTIFIER);
                     String tokenType = secToken.getTokenType();
                     if (WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
@@ -544,9 +548,6 @@ public abstract class AbstractBindingBui
                         throw new Fault(e);
                     }
                     
-                    if (suppTokens.isEncryptedToken()) {
-                        encryptedTokensIdList.add(secToken.getId());
-                    }
                     ret.put(token, sig);                
                 }
 
@@ -671,7 +672,11 @@ public abstract class AbstractBindingBui
                     part.setId(secRef.getID());
                     part.setElement(clone);
                 } else {
-                    part = new WSEncryptionPart(token.getId());
+                    String id = token.getId();
+                    if (id != null && id.charAt(0) == '#') {
+                        id = id.substring(1);
+                    }
+                    part = new WSEncryptionPart(id);
                     part.setElement(token.getToken());
                 }
             } else {