You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Stefan Vladov (JIRA)" <ji...@apache.org> on 2012/09/18 13:12:08 UTC
[jira] [Created] (RAMPART-389) RampartException: "Unexpected
signature" thrown on client side when the service policy requires
SignatureConfirmation and it is the only signed element.
Stefan Vladov created RAMPART-389:
-------------------------------------
Summary: RampartException: "Unexpected signature" thrown on client side when the service policy requires SignatureConfirmation and it is the only signed element.
Key: RAMPART-389
URL: https://issues.apache.org/jira/browse/RAMPART-389
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.6.2
Reporter: Stefan Vladov
When validating signed parts the PolicyBasedResultsValidator does not handle SignatureConfirmation when receiving the service response. According to the security policy specification the wsse11:SignatureConfirmation element should be covered by the message signature, but rampart validator fails with "Unexpected signature" in case the SignatureConfirmation is the only signed thing in the response message, because it is not added to the list of expected signed parts/elements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
[jira] [Updated] (RAMPART-389) RampartException: "Unexpected
signature" thrown on client side when the service policy requires
SignatureConfirmation and it is the only signed element.
Posted by "Stefan Vladov (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Vladov updated RAMPART-389:
----------------------------------
Attachment: SignatureConfirmationPatch.txt
Attached a simple patch with suggested solution.
> RampartException: "Unexpected signature" thrown on client side when the service policy requires SignatureConfirmation and it is the only signed element.
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-389
> URL: https://issues.apache.org/jira/browse/RAMPART-389
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Stefan Vladov
> Attachments: SignatureConfirmationPatch.txt, SignatureConfirmationPolicy.xml
>
>
> When validating signed parts the PolicyBasedResultsValidator does not handle SignatureConfirmation when receiving the service response. According to the security policy specification the wsse11:SignatureConfirmation element should be covered by the message signature, but rampart validator fails with "Unexpected signature" in case the SignatureConfirmation is the only signed thing in the response message, because it is not added to the list of expected signed parts/elements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org
[jira] [Updated] (RAMPART-389) RampartException: "Unexpected
signature" thrown on client side when the service policy requires
SignatureConfirmation and it is the only signed element.
Posted by "Stefan Vladov (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Vladov updated RAMPART-389:
----------------------------------
Attachment: SignatureConfirmationPolicy.xml
Attaching the policy used to simulate the issue
> RampartException: "Unexpected signature" thrown on client side when the service policy requires SignatureConfirmation and it is the only signed element.
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-389
> URL: https://issues.apache.org/jira/browse/RAMPART-389
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Stefan Vladov
> Attachments: SignatureConfirmationPolicy.xml
>
>
> When validating signed parts the PolicyBasedResultsValidator does not handle SignatureConfirmation when receiving the service response. According to the security policy specification the wsse11:SignatureConfirmation element should be covered by the message signature, but rampart validator fails with "Unexpected signature" in case the SignatureConfirmation is the only signed thing in the response message, because it is not added to the list of expected signed parts/elements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org