ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1443426 - /webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java
Date Thu, 07 Feb 2013 11:52:50 GMT
Author: coheigea
Date: Thu Feb  7 11:52:50 2013
New Revision: 1443426

URL: http://svn.apache.org/viewvc?rev=1443426&view=rev
Log:
[WSS-421] - WSSecSignature does not allow access to the internal BinarySecurityToken after
it is applied to the security header

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java?rev=1443426&r1=1443425&r2=1443426&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/ws/security/dom/message/WSSecSignature.java
Thu Feb  7 11:52:50 2013
@@ -108,6 +108,7 @@ public class WSSecSignature extends WSSe
     private X509Certificate useThisCert = null;
     private Element securityHeader = null;
     private boolean useCustomSecRef;
+    private boolean bstAddedToSecurityHeader = false;
 
     public WSSecSignature() {
         super();
@@ -444,10 +445,10 @@ public class WSSecSignature extends WSSe
      * @param secHeader The security header
      */
     public void prependBSTElementToHeader(WSSecHeader secHeader) {
-        if (bstToken != null) {
+        if (bstToken != null && !bstAddedToSecurityHeader) {
             WSSecurityUtil.prependChildElement(secHeader.getSecurityHeader(), bstToken.getElement());
+            bstAddedToSecurityHeader = true;
         }
-        bstToken = null;
     }
 
     /**
@@ -455,11 +456,11 @@ public class WSSecSignature extends WSSe
      * @param secHeader The security header
      */
     public void appendBSTElementToHeader(WSSecHeader secHeader) {
-        if (bstToken != null) {
+        if (bstToken != null && !bstAddedToSecurityHeader) {
             Element secHeaderElement = secHeader.getSecurityHeader();
             secHeaderElement.appendChild(bstToken.getElement());
+            bstAddedToSecurityHeader = true;
         }
-        bstToken = null;
     }
     
     /**



Mime
View raw message