Apply cert constraints in verifyCertificateTrust as well

snicoll · snicoll · commit ef00c3e2db7f · 2025-04-09T16:39:02.000+02:00
Closes gh-1520
diff --git a/spring-ws-security/src/main/java/org/springframework/ws/soap/security/wss4j2/Wss4jSecurityInterceptor.java b/spring-ws-security/src/main/java/org/springframework/ws/soap/security/wss4j2/Wss4jSecurityInterceptor.java
@@ -926,6 +926,7 @@ protected void verifyCertificateTrust(WSHandlerResult result) throws WSSecurityE
 			RequestData requestData = new RequestData();
 			requestData.setSigVerCrypto(this.validationSignatureCrypto);
 			requestData.setEnableRevocation(this.enableRevocation);
+			requestData.setSubjectCertConstraints(this.signatureSubjectDnPatterns);
 
 			Validator validator = (this.wssConfig != null) ? this.wssConfig.getValidator(WSConstants.SIGNATURE) : null;
 			if (validator == null) {
