Author: ruchithf Date: Wed Jan 30 21:54:46 2013 New Revision: 1440696 URL: http://svn.apache.org/viewvc?rev=1440696&view=rev Log: Validate the NoPassword case
Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java Modified: axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java URL: http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?rev=1440696&r1=1440695&r2=1440696&view=diff ============================================================================== --- axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java (original) +++ axis/axis2/java/rampart/trunk/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java Wed Jan 30 21:54:46 2013 @@ -323,12 +323,18 @@ public class PolicyBasedResultsValidator org.apache.ws.security.message.token.UsernameToken wssUt = (org.apache.ws.security.message.token.UsernameToken) utResult.get(WSSecurityEngineResult.TAG_USERNAME_TOKEN); - if(ut.isHashPassword() && !wssUt.getPasswordType().equals(WSConstants.PASSWORD_DIGEST)) { + + if(ut.isNoPassword() && wssUt.getPassword() != null) { + throw new RampartException("invalidUsernameTokenType"); + } + + if(ut.isHashPassword() && !wssUt.isHashed()) { throw new RampartException("invalidUsernameTokenType"); } else if (!wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT)) { throw new RampartException("invalidUsernameTokenType"); } + } else if (token instanceof IssuedToken) { //TODO is is enough to check for ST_UNSIGNED results ??
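Review bot: The new `ut.isNoPassword()` check does not end validation for a compliant token: a UsernameToken that correctly carries no password falls through to the following `if`/`else if`, where `ut.isHashPassword()` is false and `wssUt.getPasswordType().equals(WSConstants.PASSWORD_TEXT)` is then called on a password type that is presumably null. Such a token would be rejected, or fail with a NullPointerException rather than the intended RampartException. The same `else if` is also reached when the policy requires a hashed password and `wssUt.isHashed()` is true, which appears to reject a valid digest token because its type is not PASSWORD_TEXT. Making the three policy cases mutually exclusive, with the constant on the left of `equals`, enforces each requirement and fails closed with the intended exception. The enclosing method starts and ends outside this hunk, so any later handling of these cases is not visible here.

```java
// … unchanged: wssUt lookup from utResult …
if (ut.isNoPassword()) {
    // Policy forbids a password: reject any token that carries one.
    if (wssUt.getPassword() != null) {
        throw new RampartException("invalidUsernameTokenType");
    }
} else if (ut.isHashPassword()) {
    // Policy requires a digest: reject plaintext or missing passwords.
    if (!wssUt.isHashed()) {
        throw new RampartException("invalidUsernameTokenType");
    }
} else if (!WSConstants.PASSWORD_TEXT.equals(wssUt.getPasswordType())) {
    // Constant-first equals: a null password type is rejected, not dereferenced.
    throw new RampartException("invalidUsernameTokenType");
}
```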