cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Instantiate the SAML Response signature validator directly
Date Wed, 05 Jul 2017 10:35:21 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes cdee5469e -> d84c16c9b


Instantiate the SAML Response signature validator directly


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d84c16c9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d84c16c9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d84c16c9

Branch: refs/heads/3.1.x-fixes
Commit: d84c16c9bac47eec057f0d0f038a26b43bc8d603
Parents: cdee546
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Jul 5 11:31:07 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Jul 5 11:32:50 2017 +0100

----------------------------------------------------------------------
 .../rs/security/saml/sso/SAMLProtocolResponseValidator.java   | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/d84c16c9/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
index 590ed64..9a3df86 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
@@ -65,7 +65,8 @@ import org.opensaml.xmlsec.encryption.EncryptedData;
 import org.opensaml.xmlsec.signature.KeyInfo;
 import org.opensaml.xmlsec.signature.Signature;
 import org.opensaml.xmlsec.signature.support.SignatureException;
-import org.opensaml.xmlsec.signature.support.SignatureValidator;
+import org.opensaml.xmlsec.signature.support.SignatureValidationProvider;
+import org.opensaml.xmlsec.signature.support.provider.ApacheSantuarioSignatureValidationProviderImpl;
 
 /**
  * Validate a SAML (1.1 or 2.0) Protocol Response. It validates the Response against the
specs,
@@ -336,7 +337,9 @@ public class SAMLProtocolResponseValidator {
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }
         try {
-            SignatureValidator.validate(signature, credential);
+            SignatureValidationProvider responseSignatureValidator =
+                new ApacheSantuarioSignatureValidationProviderImpl();
+            responseSignatureValidator.validate(signature, credential);
         } catch (SignatureException ex) {
             LOG.log(Level.FINE, "Error in validating the SAML Signature: " + ex.getMessage(),
ex);
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");


Mime
View raw message