You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2008/06/11 11:50:44 UTC

[jira] Resolved: (WSS-102) AbstractCrypto's constructor does not allow null properties in WSS4J 1.5.2 and 1.5.3 for custom Crypto with no input stream source

     [ https://issues.apache.org/jira/browse/WSS-102?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya resolved WSS-102.
--------------------------------------------

    Resolution: Fixed

Fixed.

> AbstractCrypto's constructor does not allow null properties in WSS4J 1.5.2 and 1.5.3 for custom Crypto with no input stream source
> ----------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-102
>                 URL: https://issues.apache.org/jira/browse/WSS-102
>             Project: WSS4J
>          Issue Type: Bug
>         Environment: WSS4J 1.5.2
> WSS4J 1.5.3
>            Reporter: Akitoshi Yoshida
>            Assignee: Nandana Mihindukulasooriya
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> The ealier implemantation (before 1.5.2) looked like:
>     public AbstractCrypto(Properties properties, ClassLoader loader) throws CredentialException, IOException {
>         /*
>         * if no properties .. just return an instance, the rest will be
>         * done later or this instance is just used to handle certificate
>         * conversions in this implementatio
>         */
>         if (properties == null) {
>             return;
>         }
>         this.properties = properties;
>         String location = this.properties.getProperty("org.apache.ws.security.crypto.merlin.file");
> This allowed a custom Crypto class extending from AbstractCrypto to pass a null properties and do the rest in its own constructor.
> The above implementation was changed in 1.5.2 so that it does not accept a null properties, as in
>     public AbstractCrypto(Properties properties, ClassLoader loader) throws CredentialException, IOException {
>         this.properties = properties;
>         String location = this.properties.getProperty("org.apache.ws.security.crypto.merlin.file");
> The rest of the code in this constructor assumes an input stream based keystore source and therefore it is not useful if your environment has only access to the keystore object but not its source stream.
> Is there any strong reason to remove the original "if (properties == null) { return; } " block?
> If not, could you reinsert that block?
> Thank you.
> Aki Yoshida

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org