Author: coheigea
Date: Tue Sep 30 08:17:40 2008
New Revision: 700498
URL: http://svn.apache.org/viewvc?rev=700498&view=rev
Log:
[WSS-94] - Some updates to WSHandler#VerifyTrust
- The issue reported here has been resolved by WSS-52
- I spotted a bug in that the received cert was being written to, and hence we
have a
problem if the trust path of the first found issuer alias is bad.
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java?rev=700498&r1=700497&r2=700498&view=diff
==============================================================================
---
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
(original)
+++
webservices/wss4j/trunk/src/org/apache/ws/security/components/crypto/CryptoBase.java
Tue Sep 30 08:17:40 2008
@@ -164,10 +164,10 @@
/**
* Lookup a X509 Certificate in the keystore according to a given
- * the issuer of a Certficate.
+ * the issuer of a Certificate.
* <p/>
* The search gets all alias names of the keystore and gets the
certificate chain
- * for each alias. Then the Issuer fo each certificate of the chain
+ * for each alias. Then the Issuer for each certificate of the chain
* is compared with the parameters.
*
* @param issuer The issuer's name for the certificate
@@ -199,7 +199,7 @@
/*
* need to check if "getCertificateChain" also finds certificates that are
- * used for enryption only, i.e. they may not be signed by a CA
+ * used for encryption only, i.e. they may not be signed by a CA
* Otherwise we must define a restriction how to use certificate:
* each certificate must be signed by a CA or is a self signed Certificate
* (this should work as well).
@@ -358,7 +358,7 @@
if (cert != null) {
certs = new Certificate[]{cert};
} else if (certs == null) {
- // At this pont we don't have certs or a cert
+ // At this point we don't have certs or a cert
return null;
}
} catch (KeyStoreException e) {
@@ -521,7 +521,6 @@
*/
public String[] getAliasesForDN(String subjectDN) throws
WSSecurityException {
-
// The DN to search the keystore for
Vector subjectRDN = splitAndTrim(subjectDN);
Vector aliases = getAlias(subjectRDN, keystore);
Modified:
webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
URL:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java?rev=700498&r1=700497&r2=700498&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
(original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/handler/WSHandler.java
Tue Sep 30 08:17:40 2008
@@ -1097,8 +1097,7 @@
x509certs[0] = cert;
// ... and the other certificates
for (int j = 0; j < certs.length; j++) {
- cert = certs[j];
- x509certs[j + 1] = cert;
+ x509certs[j + 1] = certs[j];
}
certs = x509certs;
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
