cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: [CXF-6032] - NullPointerException while validating cert for SAML HOK
Date Sat, 04 Oct 2014 22:55:36 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 51db79ca7 -> 53889ee97


[CXF-6032] - NullPointerException while validating cert for SAML HOK


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53889ee9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53889ee9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53889ee9

Branch: refs/heads/master
Commit: 53889ee97a637f07fe39dc3d7d75714ed016ff4e
Parents: 51db79c
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Sat Oct 4 23:47:01 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Sat Oct 4 23:48:54 2014 +0100

----------------------------------------------------------------------
 .../apache/cxf/sts/token/provider/DefaultSubjectProvider.java  | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/53889ee9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
index 154ab7c..b04886d 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
@@ -21,8 +21,11 @@ package org.apache.cxf.sts.token.provider;
 import java.security.Principal;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.logging.Level;
 import java.util.logging.Logger;
+import java.util.regex.Pattern;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -173,8 +176,9 @@ public class DefaultSubjectProvider implements SubjectProvider {
             if (stsProperties.isValidateUseKey() && stsProperties.getSignatureCrypto()
!= null) {
                 if (receivedKey.getX509Cert() != null) {
                     try {
+                        Collection<Pattern> constraints = Collections.emptyList();
                         stsProperties.getSignatureCrypto().verifyTrust(
-                            new X509Certificate[]{receivedKey.getX509Cert()}, false, null);
+                            new X509Certificate[]{receivedKey.getX509Cert()}, false, constraints);
                     } catch (WSSecurityException e) {
                         LOG.log(Level.FINE, "Error in trust validation of UseKey: ", e);
                         throw new STSException("Error in trust validation of UseKey", STSException.REQUEST_FAILED);


Mime
View raw message