Author: coheigea
Date: Wed Dec 22 11:05:09 2010
New Revision: 1051835
URL: http://svn.apache.org/viewvc?rev=1051835&view=rev
Log:
[WSS-261] - Added support for processing SAML Subject Confirmation keys that use
issuer serial.
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java?rev=1051835&r1=1051834&r2=1051835&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/SAMLUtil.java
Wed Dec 22 11:05:09 2010
@@ -51,6 +51,7 @@ import javax.xml.crypto.dsig.keyinfo.Key
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.X509Data;
+import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.namespace.QName;
import java.security.PublicKey;
@@ -164,6 +165,14 @@ public class SAMLUtil {
certs = new X509Certificate[1];
certs[0] = (X509Certificate)x509obj;
return new SAMLKeyInfo(assertion,
certs);
+ } else if (x509obj instanceof
X509IssuerSerial) {
+ String alias =
+ crypto.getAliasForX509Cert(
+
((X509IssuerSerial)x509obj).getIssuerName(),
+
((X509IssuerSerial)x509obj).getSerialNumber()
+ );
+ certs = crypto.getCertificates(alias);
+ return new SAMLKeyInfo(assertion,
certs);
}
}
}
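Review bot: The new `X509IssuerSerial` branch passes the result of `crypto.getAliasForX509Cert(...)` straight into `crypto.getCertificates(alias)` without checking it. If the keystore holds no certificate matching the issuer name and serial number, the alias is presumably null. Depending on the Crypto implementation, that either throws an unrelated exception or yields a `SAMLKeyInfo` with null or empty `certs`, which later key-confirmation code then has to cope with. The branch should fail closed with an explicit error when the alias or the certificate array is missing, and the same check is needed in the matching branch added to WSSecSignatureSAML.java with `userCrypto`. The enclosing method starts and ends outside this hunk, so the exception type below is assumed from the rest of the class and should be confirmed.

```java
} else if (x509obj instanceof X509IssuerSerial) {
    X509IssuerSerial issuerSerial = (X509IssuerSerial)x509obj;
    String alias =
        crypto.getAliasForX509Cert(
            issuerSerial.getIssuerName(), issuerSerial.getSerialNumber()
        );
    // Fail closed: an unknown issuer/serial must not produce a key-less SAMLKeyInfo.
    if (alias == null) {
        throw new WSSecurityException(
            WSSecurityException.FAILURE, "invalidSAMLsecurity",
            new Object[]{"cannot resolve certificate for issuer serial"}
        );
    }
    certs = crypto.getCertificates(alias);
    if (certs == null || certs.length == 0) {
        throw new WSSecurityException(
            WSSecurityException.FAILURE, "invalidSAMLsecurity",
            new Object[]{"cannot get certificate or key"}
        );
    }
    return new SAMLKeyInfo(assertion, certs);
}
```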
Modified:
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java?rev=1051835&r1=1051834&r2=1051835&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
(original)
+++
webservices/wss4j/trunk/src/main/java/org/apache/ws/security/saml/WSSecSignatureSAML.java
Wed Dec 22 11:05:09 2010
@@ -61,6 +61,7 @@ import javax.xml.crypto.dsig.keyinfo.Key
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.X509Data;
+import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.ExcC14NParameterSpec;
@@ -288,6 +289,14 @@ public class WSSecSignatureSAML extends
certs = new X509Certificate[1];
certs[0] = (X509Certificate)x509obj;
break;
+ } else if (x509obj instanceof X509IssuerSerial) {
+ String alias =
+ userCrypto.getAliasForX509Cert(
+
((X509IssuerSerial)x509obj).getIssuerName(),
+
((X509IssuerSerial)x509obj).getSerialNumber()
+ );
+ certs = userCrypto.getCertificates(alias);
+ break;
}
}
}
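Review bot: This branch duplicates the issuer-serial lookup added to SAMLUtil.java in the same commit, differing only in the Crypto instance (`userCrypto` instead of `crypto`), and it casts `x509obj` to `X509IssuerSerial` twice. A single helper that takes the Crypto and the `X509IssuerSerial` and returns the certificate array would keep the sender and receiver paths resolving keys identically. It would also give any validation of the lookup result one place to live. At minimum, cast once into a local, e.g. `X509IssuerSerial issuerSerial = (X509IssuerSerial)x509obj;`. The loop and the code that consumes `certs` after the `break` are outside this hunk.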