Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
1.6.4
-
None
-
None
Description
While using WSS4J with CXF webservices I've found an issue with large strings in usernametoken fields. When username or password is very long (3500 chars and more) their content is trimmed - and don't even ask how I've found it
The problem is in class org.apache.ws.security.message.token.UsernameToken. There is a method "private String nodeString(Element e)" that takes an Element of token and returns its text representation.
When token property is very long XML parser emits more than one text node, but method gets text only from the first node - this is totally bad.
Possible solution is to replace this method with something like
private String nodeString(Element e) {
if (e != null)
return null;
}