Repository: cxf Updated Branches: refs/heads/master 51db79ca7 -> 53889ee97
[CXF-6032] - NullPointerException while validating cert for SAML HOK Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/53889ee9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/53889ee9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/53889ee9 Branch: refs/heads/master Commit: 53889ee97a637f07fe39dc3d7d75714ed016ff4e Parents: 51db79c Author: Colm O hEigeartaigh <[email protected]> Authored: Sat Oct 4 23:47:01 2014 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Sat Oct 4 23:48:54 2014 +0100 ---------------------------------------------------------------------- .../apache/cxf/sts/token/provider/DefaultSubjectProvider.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/53889ee9/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java index 154ab7c..b04886d 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java @@ -21,8 +21,11 @@ package org.apache.cxf.sts.token.provider; import java.security.Principal; import java.security.PublicKey; import java.security.cert.X509Certificate; +import java.util.Collection; +import java.util.Collections; import java.util.logging.Level; import java.util.logging.Logger; +import java.util.regex.Pattern; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -173,8 +176,9 @@ public class DefaultSubjectProvider implements SubjectProvider { if (stsProperties.isValidateUseKey() && stsProperties.getSignatureCrypto() != null) { if (receivedKey.getX509Cert() != null) { try { + Collection<Pattern> constraints = Collections.emptyList(); stsProperties.getSignatureCrypto().verifyTrust( - new X509Certificate[]{receivedKey.getX509Cert()}, false, null); + new X509Certificate[]{receivedKey.getX509Cert()}, false, constraints); } catch (WSSecurityException e) { LOG.log(Level.FINE, "Error in trust validation of UseKey: ", e); throw new STSException("Error in trust validation of UseKey", STSException.REQUEST_FAILED);
