ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1632517 - in /webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom: message/DOMCallbackLookup.java util/WSSecurityUtil.java
Date Fri, 17 Oct 2014 08:57:30 GMT
Author: coheigea
Date: Fri Oct 17 08:57:29 2014
New Revision: 1632517

URL: http://svn.apache.org/r1632517
Log:
[WSS-517] - Cannot resolve WSS signature reference URI that points to AssertionID attribute
of SAML 1.1 token

Modified:
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
    webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java?rev=1632517&r1=1632516&r2=1632517&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/message/DOMCallbackLookup.java
Fri Oct 17 08:57:29 2014
@@ -76,13 +76,15 @@ public class DOMCallbackLookup implement
     public Element getAndRegisterElement(
         String id, String valueType, boolean checkMultipleElements, DOMCryptoContext context
     ) throws WSSecurityException {
+        String idToMatch = WSSecurityUtil.getIDFromReference(id);
+        
         //
         // Try the SOAP Body first
         //
         Element bodyElement = WSSecurityUtil.findBodyElement(doc);
         if (bodyElement != null) {
             String cId = bodyElement.getAttributeNS(WSConstants.WSU_NS, "Id");
-            if (cId.equals(id)) {
+            if (cId.equals(idToMatch)) {
                 if (context != null) {
                     context.setIdAttributeNS(bodyElement, WSConstants.WSU_NS, "Id");
                 }
@@ -91,13 +93,9 @@ public class DOMCallbackLookup implement
         }
         // Otherwise do a general search
         Element foundElement = 
-            WSSecurityUtil.findElementById(doc.getDocumentElement(), id, checkMultipleElements);
+            WSSecurityUtil.findElementById(doc.getDocumentElement(), idToMatch, checkMultipleElements);
         if (foundElement != null) {
             if (context != null) {
-                String idToMatch = id;
-                if (idToMatch.charAt(0) == '#') {
-                    idToMatch = idToMatch.substring(1);
-                }
                 if (foundElement.hasAttributeNS(WSConstants.WSU_NS, "Id")
                     && idToMatch.equals(foundElement.getAttributeNS(WSConstants.WSU_NS,
"Id"))) {
                     context.setIdAttributeNS(foundElement, WSConstants.WSU_NS, "Id");
@@ -120,13 +118,9 @@ public class DOMCallbackLookup implement
             || valueType == null) {
             foundElement = 
                 WSSecurityUtil.findSAMLAssertionElementById(
-                    doc.getDocumentElement(), id
+                    doc.getDocumentElement(), idToMatch
                 );
             if (foundElement != null) {
-                String idToMatch = id;
-                if (idToMatch.charAt(0) == '#') {
-                    idToMatch = idToMatch.substring(1);
-                }
                 if (context != null) {
                     if (foundElement.hasAttributeNS(null, "ID")
                         && idToMatch.equals(foundElement.getAttributeNS(null, "ID")))
{

Modified: webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java?rev=1632517&r1=1632516&r2=1632517&view=diff
==============================================================================
--- webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
(original)
+++ webservices/wss4j/trunk/ws-security-dom/src/main/java/org/apache/wss4j/dom/util/WSSecurityUtil.java
Fri Oct 17 08:57:29 2014
@@ -631,6 +631,9 @@ public final class WSSecurityUtil {
      *         correctly formed
      */
     public static String getIDFromReference(String ref) {
+        if (ref == null) {
+            return null;
+        }
         String id = ref.trim();
         if (id.length() == 0) {
             return null;



Mime
View raw message