cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Fix signing issue
Date Mon, 01 Feb 2016 11:46:36 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes bfa97ebf0 -> 5e004fcab


Fix signing issue


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5e004fca
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5e004fca
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5e004fca

Branch: refs/heads/3.1.x-fixes
Commit: 5e004fcab1a59c5c3c9eb906564cbc9dfd746a8e
Parents: bfa97eb
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Feb 1 11:45:51 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Feb 1 11:46:13 2016 +0000

----------------------------------------------------------------------
 .../apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5e004fca/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index e072817..c95e773 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -109,7 +109,7 @@ public class SAMLSSOResponseValidator {
             }
             validateIssuer(assertion.getIssuer());
             
-            if (!enforceResponseSigned && enforceAssertionsSigned && assertion.getSignature()
== null) {
+            if (!samlResponse.isSigned() && enforceAssertionsSigned && assertion.getSignature()
== null) {
                 LOG.fine("The enclosed assertions in the SAML Response must be signed");
                 throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
             }


Mime
View raw message