ws-commits mailing list archives

From cohei...@apache.org
Subject svn commit: r1445697 - in /webservices/wss4j/trunk: ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/ ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/ ws-security-stax/src/main/java/org/apache/...
Date Wed, 13 Feb 2013 15:57:21 GMT
Author: coheigea
Date: Wed Feb 13 15:57:20 2013
New Revision: 1445697

URL: http://svn.apache.org/r1445697
Log:
Apply PublicKey Trust validation to SAML Tokens

Modified:
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/IssuedTokenTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SamlTokenTest.java
    webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SupportingTokensTest.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
    webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/validate/SamlTokenValidatorImpl.java
    webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/IssuedTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/IssuedTokenTest.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/IssuedTokenTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/IssuedTokenTest.java
Wed Feb 13 15:57:20 2013
@@ -116,7 +116,8 @@ public class IssuedTokenTest extends Abs
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -125,7 +126,8 @@ public class IssuedTokenTest extends Abs
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -169,13 +171,15 @@ public class IssuedTokenTest extends Abs
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -224,7 +228,8 @@ public class IssuedTokenTest extends Abs
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -233,7 +238,8 @@ public class IssuedTokenTest extends Abs
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -282,7 +288,8 @@ public class IssuedTokenTest extends Abs
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -291,7 +298,8 @@ public class IssuedTokenTest extends Abs
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -339,7 +347,8 @@ public class IssuedTokenTest extends Abs
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -348,7 +357,8 @@ public class IssuedTokenTest extends Abs
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SamlTokenTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SamlTokenTest.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SamlTokenTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SamlTokenTest.java
Wed Feb 13 15:57:20 2013
@@ -89,13 +89,15 @@ public class SamlTokenTest extends Abstr
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);
@@ -161,7 +163,8 @@ public class SamlTokenTest extends Abstr
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent initiatorTokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainSignature);
         initiatorTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(initiatorTokenSecurityEvent);
@@ -170,7 +173,8 @@ public class SamlTokenTest extends Abstr
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent recipientTokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.MainEncryption);
         recipientTokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(recipientTokenSecurityEvent);

Modified: webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SupportingTokensTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SupportingTokensTest.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SupportingTokensTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-policy-stax/src/test/java/org/apache/ws/security/policy/stax/test/SupportingTokensTest.java
Wed Feb 13 15:57:20 2013
@@ -1174,13 +1174,15 @@ public class SupportingTokensTest extend
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent tokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
 
         tokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken =
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
@@ -1214,13 +1216,15 @@ public class SupportingTokensTest extend
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent tokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
 
         tokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
@@ -1258,7 +1262,8 @@ public class SupportingTokensTest extend
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent tokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
@@ -1267,7 +1272,8 @@ public class SupportingTokensTest extend
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         tokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
@@ -1301,7 +1307,8 @@ public class SupportingTokensTest extend
         SamlAssertionWrapper samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         SamlTokenSecurityEvent tokenSecurityEvent = new SamlTokenSecurityEvent();
-        SecurityToken securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        SecurityToken securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);
@@ -1310,7 +1317,8 @@ public class SupportingTokensTest extend
         samlAssertionWrapper = createSamlAssertionWrapper(samlCallback);
 
         tokenSecurityEvent = new SamlTokenSecurityEvent();
-        securityToken = new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null);
+        securityToken = 
+            new SAMLSecurityToken(samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token),
null, null, "1", null, null);
         securityToken.addTokenUsage(SecurityToken.TokenUsage.SupportingTokens);
         tokenSecurityEvent.setSecurityToken(securityToken);
         policyEnforcer.registerSecurityEvent(tokenSecurityEvent);

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/impl/securityToken/SAMLSecurityToken.java
Wed Feb 13 15:57:20 2013
@@ -22,6 +22,7 @@ import org.apache.ws.security.common.cry
 import org.apache.ws.security.common.ext.WSSecurityException;
 import org.apache.ws.security.common.saml.SamlAssertionWrapper;
 import org.apache.ws.security.stax.ext.WSSConstants;
+import org.apache.ws.security.stax.ext.WSSSecurityProperties;
 import org.apache.ws.security.stax.ext.WSSecurityContext;
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.stax.ext.SecurityToken;
@@ -44,14 +45,17 @@ public class SAMLSecurityToken extends A
     private final SamlAssertionWrapper samlAssertionWrapper;
     private SecurityToken subjectSecurityToken;
     private Crypto crypto;
+    private WSSSecurityProperties securityProperties;
 
     public SAMLSecurityToken(SamlAssertionWrapper samlAssertionWrapper, SecurityToken subjectSecurityToken,
                              WSSecurityContext wsSecurityContext, Crypto crypto,
-                             String id, WSSConstants.KeyIdentifierType keyIdentifierType)
{
+                             String id, WSSConstants.KeyIdentifierType keyIdentifierType,
+                             WSSSecurityProperties securityProperties) {
         super(wsSecurityContext, id, keyIdentifierType);
         this.samlAssertionWrapper = samlAssertionWrapper;
         this.crypto = crypto;
         this.subjectSecurityToken = subjectSecurityToken;
+        this.securityProperties = securityProperties;
     }
 
     @Override
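Review bot: The new `securityProperties` field is assigned only in the constructor, so it can be declared `private final WSSSecurityProperties securityProperties;` like `samlAssertionWrapper` above it. The constructor also has no Javadoc saying that the argument may be null and that verify() then performs the certificate trust check with revocation disabled. A short `@param securityProperties` line stating this would help callers, since most of the updated test call sites already pass four of the seven positional arguments as `null`. The class body continues outside this hunk.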
@@ -100,7 +104,6 @@ public class SAMLSecurityToken extends A
 
     @Override
     public void verify() throws XMLSecurityException {
-        //todo verify public key if exists
         //todo revisit verify for every security token incl. public-key
         //todo should we call verify implicit when accessing the keys?
         try {
@@ -108,8 +111,15 @@ public class SAMLSecurityToken extends A
             if (x509Certificates != null && x509Certificates.length > 0) {
                 //todo I don't think the checkValidity is necessary because the CertPathChecker
                 x509Certificates[0].checkValidity();
-                //todo deprecated method:
-                getCrypto().verifyTrust(x509Certificates);
+                boolean enableRevocation = false;
+                if (securityProperties != null) {
+                    enableRevocation = securityProperties.isEnableRevocation();
+                }
+                getCrypto().verifyTrust(x509Certificates, enableRevocation);
+            }
+            PublicKey publicKey = getPublicKey();
+            if (publicKey != null) {
+                getCrypto().verifyTrust(publicKey);
             }
         } catch (CertificateExpiredException e) {
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILED_AUTHENTICATION,
e);
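Review bot: Revocation checking is silently turned off in verify() whenever `securityProperties` is null, because `enableRevocation` starts at `false` and the constructor stores a null properties object without complaint (the updated tests all pass one). A production caller that omits the new argument would get a weaker certificate check with no signal; a comment such as `// null securityProperties => revocation checking disabled` on the fallback, or a debug log there, would make the fail-open default visible. Separately, the new `getCrypto().verifyTrust(publicKey)` runs even after the certificate chain was verified. If `getPublicKey()` falls back to the leaf certificate's key (not visible in this hunk), a chain-trusted certificate whose key is not itself in the trust store may be rejected, so consider putting the key check in an `else` branch or documenting why both checks are wanted. verify() starts and ends outside this hunk.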

Modified: webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/validate/SamlTokenValidatorImpl.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/validate/SamlTokenValidatorImpl.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/validate/SamlTokenValidatorImpl.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/main/java/org/apache/ws/security/stax/validate/SamlTokenValidatorImpl.java
Wed Feb 13 15:57:20 2013
@@ -61,7 +61,8 @@ public class SamlTokenValidatorImpl exte
                 samlAssertionWrapper, subjectSecurityToken,
                 tokenContext.getWsSecurityContext(),
                 tokenContext.getWssSecurityProperties().getSignatureVerificationCrypto(),
-                samlAssertionWrapper.getId(), null);
+                samlAssertionWrapper.getId(), null,
+                tokenContext.getWssSecurityProperties());
 
         securityToken.setElementPath(tokenContext.getElementPath());
         securityToken.setXMLSecEvent(tokenContext.getFirstXMLSecEvent());

Modified: webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java?rev=1445697&r1=1445696&r2=1445697&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java
(original)
+++ webservices/wss4j/trunk/ws-security-stax/src/test/java/org/apache/ws/security/stax/test/InboundWSSecurityContextImplTest.java
Wed Feb 13 15:57:20 2013
@@ -519,7 +519,8 @@ public class InboundWSSecurityContextImp
         SamlAssertionWrapper samlAssertionWrapper = new SamlAssertionWrapper(samlCallback);
 
         SAMLSecurityToken samlSecurityToken = new SAMLSecurityToken(
-                samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token), null, null,
"1", WSSConstants.WSSKeyIdentifierType.X509_KEY_IDENTIFIER);
+                samlAssertionWrapper, getX509Token(WSSConstants.X509V3Token), null, null,
"1", WSSConstants.WSSKeyIdentifierType.X509_KEY_IDENTIFIER,
+                null);
         samlSecurityToken.setElementPath(samlTokenPath);
         samlSecurityToken.setXMLSecEvent(samlTokenXmlEvent);
         samlSecurityToken.addTokenUsage(SecurityToken.TokenUsage.Encryption);
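Review bot: Passing `null` for the new `securityProperties` argument here means this test, like every other updated call site in the commit, only exercises the fallback where revocation is off. None of the six modified files adds a case for the behaviour the log message describes: a SAML token whose subject carries a bare public key that is absent from the trust store and must therefore fail verify(). A negative test for that path, plus one that constructs the token with properties where `isEnableRevocation()` is true, would pin the new trust checks against regressions. The test method starts and ends outside this hunk.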


