Author: sguilhen(a)redhat.com
Date: 2009-09-03 14:32:05 -0400 (Thu, 03 Sep 2009)
New Revision: 761
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
Log:
JBID-137: TruststoreAlias is now verified first. Only if it has not been specified we use
the mappings defined in the KeyProvider section to obtain the service provider PKC
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java
===================================================================
---
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03
18:24:08 UTC (rev 760)
+++
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/jboss/wstrust/JBossSTSConfiguration.java 2009-09-03
18:32:05 UTC (rev 761)
@@ -242,15 +242,16 @@
{
try
{
- key = this.trustManager.getValidatingKey(serviceName);
+ // try using the truststore alias from the service provider metadata.
+ ServiceProviderType provider = this.spMetadata.get(serviceName);
+ if(provider != null && provider.getTruststoreAlias() != null)
+ {
+ key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
+ }
+ // if there was no truststore alias or no PKC under that alias, use the
KeyProvider mapping.
if(key == null)
{
- // try using the truststore alias from the service provider metadata.
- ServiceProviderType provider = this.spMetadata.get(serviceName);
- if(provider != null && provider.getTruststoreAlias() != null)
- {
- key = this.trustManager.getPublicKey(provider.getTruststoreAlias());
- }
+ key = this.trustManager.getValidatingKey(serviceName);
}
}
catch (Exception e)
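Review bot: A configured TruststoreAlias that resolves to no key still falls through to `getValidatingKey(serviceName)`, because the `if(key == null)` guard does not distinguish "no alias set" from "alias set but nothing stored under it", whereas the log message says the KeyProvider mapping is used only when the alias has not been specified. For an operator who pins the service provider certificate through the alias, a typo or a missing truststore entry would then silently select a different key instead of surfacing the misconfiguration. Consider restricting the fallback with `if(key == null && (provider == null || provider.getTruststoreAlias() == null))`, or at least logging a warning that names the unresolved alias before falling back. The enclosing method and the body of `catch (Exception e)` lie outside the hunk, so how a failed lookup is reported cannot be confirmed from here.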