cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider
Date Tue, 28 Mar 2017 07:09:07 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 42eca6f9c -> 1444d9873


CXF-4028 - X509TokenValidator uses signature-crypto-provider instead of encryption-crypto-provider


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1444d987
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1444d987
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1444d987

Branch: refs/heads/3.1.x-fixes
Commit: 1444d98730b69b95b00067a33e6255d069e0bec1
Parents: 42eca6f
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Mar 28 08:07:11 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Mar 28 08:09:00 2017 +0100

----------------------------------------------------------------------
 .../cxf/sts/token/validator/X509TokenValidator.java    | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/1444d987/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
index 276d3fd..d32b510 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/validator/X509TokenValidator.java
@@ -113,11 +113,16 @@ public class X509TokenValidator implements TokenValidator {
     public TokenValidatorResponse validateToken(TokenValidatorParameters tokenParameters)
{
         LOG.fine("Validating X.509 Token");
         STSPropertiesMBean stsProperties = tokenParameters.getStsProperties();
-        Crypto sigCrypto = stsProperties.getSignatureCrypto();
         CallbackHandler callbackHandler = stsProperties.getCallbackHandler();
 
+        // See CXF-4028
+        Crypto crypto = stsProperties.getEncryptionCrypto();
+        if (crypto == null) {
+            crypto = stsProperties.getSignatureCrypto();
+        }
+
         RequestData requestData = new RequestData();
-        requestData.setSigVerCrypto(sigCrypto);
+        requestData.setSigVerCrypto(crypto);
         requestData.setWssConfig(WSSConfig.getNewInstance());
         requestData.setCallbackHandler(callbackHandler);
         requestData.setMsgContext(tokenParameters.getMessageContext());
@@ -177,8 +182,8 @@ public class X509TokenValidator implements TokenValidator {
         try {
             Credential credential = new Credential();
             credential.setBinarySecurityToken(binarySecurity);
-            if (sigCrypto != null) {
-                X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(sigCrypto);
+            if (crypto != null) {
+                X509Certificate cert = ((X509Security)binarySecurity).getX509Certificate(crypto);
                 credential.setCertificates(new X509Certificate[]{cert});
             }
 


Mime
View raw message