Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-3484

Password set to null in UsernameTokenValidator

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Novice

      Description

      When trying to do basic authentication in Soap header with UserNameToken, token is well read from XML, but badly passed to password callback.
      Line 165 of org.apache.ws.security.validate.UsernameTokenValidator :

      WSPasswordCallback pwCb =
      new WSPasswordCallback(user, null, pwType, WSPasswordCallback.USERNAME_TOKEN, data);

      The password is set to null, while it has been correcty read just before.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              superkoni Nicolas Poirot
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: