cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] cxf git commit: NPE fix if a SAML Issuer is null
Date Thu, 10 Aug 2017 15:13:40 GMT
NPE fix if a SAML Issuer is null

# Conflicts:
#	rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/89d74c90
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/89d74c90
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/89d74c90

Branch: refs/heads/3.1.x-fixes
Commit: 89d74c9041b9fa9bd2f944a85fce9b1b2546238b
Parents: a41f31c
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Aug 10 15:10:58 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Aug 10 15:32:51 2017 +0100

----------------------------------------------------------------------
 .../cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/89d74c90/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
index 6037934..c7d9cf8 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
@@ -168,8 +168,8 @@ public class SAMLSSOResponseValidator {
         }
         
         // Issuer value must match (be contained in) Issuer IDP
-        if (enforceKnownIssuer && !issuerIDP.startsWith(issuer.getValue())) {
-            LOG.fine("Issuer value: " + issuer.getValue() + " does not match issuer IDP:
" 
+        if (enforceKnownIssuer && (issuer.getValue() == null || !issuerIDP.startsWith(issuer.getValue())))
{
+            LOG.fine("Issuer value: " + issuer.getValue() + " does not match issuer IDP:
"
                 + issuerIDP);
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
         }


Mime
View raw message