cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1328314 - /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Date Fri, 20 Apr 2012 10:48:22 GMT
Author: coheigea
Date: Fri Apr 20 10:48:22 2012
New Revision: 1328314

URL: http://svn.apache.org/viewvc?rev=1328314&view=rev
Log:
Avoid NPE when checking OnlySignEntireHeadersAndBody Element when a STR Transform is used
in the Signature

Modified:
    cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java

Modified: cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java?rev=1328314&r1=1328313&r2=1328314&view=diff
==============================================================================
--- cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
(original)
+++ cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyvalidators/AbstractBindingPolicyValidator.java
Fri Apr 20 10:48:22 2012
@@ -114,12 +114,14 @@ public abstract class AbstractBindingPol
                     CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
             for (WSDataRef dataRef : dataRefs) {
                 String xpath = dataRef.getXpath();
-                String[] nodes = xpath.split("/");
-                // envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
-                if (nodes.length == 5 && nodes[3].contains("Security")) {
-                    continue;
-                } else if (nodes.length < 3 || nodes.length > 4) {
-                    return false;
+                if (xpath != null) {
+                    String[] nodes = xpath.split("/");
+                    // envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
+                    if (nodes.length == 5 && nodes[3].contains("Security")) {
+                        continue;
+                    } else if (nodes.length < 3 || nodes.length > 4) {
+                        return false;
+                    }
                 }
             }
         }



Mime
View raw message