cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Fix signing issue
Date Mon, 01 Feb 2016 11:47:11 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 0bdf4ebdc -> 8651a6f16


Fix signing issue


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8651a6f1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8651a6f1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8651a6f1

Branch: refs/heads/3.0.x-fixes
Commit: 8651a6f1677fa012c2a95d083884aa020176e1de
Parents: 0bdf4eb
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Feb 1 11:45:51 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Feb 1 11:46:47 2016 +0000

----------------------------------------------------------------------
 .../apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/8651a6f1/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 70c659f..45bb581 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -109,7 +109,7 @@ public class SAMLSSOResponseValidator {
             }
             validateIssuer(assertion.getIssuer());
             
-            if (!enforceResponseSigned && enforceAssertionsSigned && assertion.getSignature()
== null) {
+            if (!samlResponse.isSigned() && enforceAssertionsSigned && assertion.getSignature()
== null) {
                 LOG.fine("The enclosed assertions in the SAML Response must be signed");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
             }


Mime
View raw message