You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Gary Snider <ga...@gmail.com> on 2008/08/22 17:34:02 UTC

support for Encrypting Body sub-elements

Right now when we send a request that has encrypted Body sub-elements
Rampart 1.4  PolicyBasedResultsValidator line 423 throws a RampartException
because it's only looking for the entire Body to be encrypted.

Is this a known issue in Rampart/Java that it does not support encrypted
parts in the Body?

Request looks like this:  Notice that we only want the content of the echo
element encrypted.
<soapenv:Body wsu:Id="id-9234090"
        xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
">
        <echo:echo>
            <xenc:EncryptedData Id="EncDataId-30833902"
                Type="http://www.w3.org/2001/04/xmlenc#Content">
                <xenc:EncryptionMethod    Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
                <ds:KeyInfo   xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                    <wsse:SecurityTokenReference
                        xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
">
                        <wsse:Reference URI="#EncKeyId-21292038" />
                    </wsse:SecurityTokenReference>
                </ds:KeyInfo>
                <xenc:CipherData>
                    <xenc:CipherValue>
                        mYMIlDr8nwRJVwAUIOr3jIgNvSRdUmotgpZYzIPV2ww=
                    </xenc:CipherValue>
                </xenc:CipherData>
            </xenc:EncryptedData>
        </echo:echo>
    </soapenv:Body>

Re: support for Encrypting Body sub-elements

Posted by Nandana Mihindukulasooriya <na...@gmail.com>.

Hi Gary,
       will it be possible to post your Rampart configuration (at the server
side) so that we can see whether this is a bug or the expected behavior ?

thanks,
nandana



On Fri, Aug 22, 2008 at 9:04 PM, Gary Snider <ga...@gmail.com>wrote:

> Right now when we send a request that has encrypted Body sub-elements
> Rampart 1.4  PolicyBasedResultsValidator line 423 throws a RampartException
> because it's only looking for the entire Body to be encrypted.
>
> Is this a known issue in Rampart/Java that it does not support encrypted
> parts in the Body?
>
> Request looks like this:  Notice that we only want the content of the echo
> element encrypted.
> <soapenv:Body wsu:Id="id-9234090"
>        xmlns:wsu="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
>        <echo:echo>
>            <xenc:EncryptedData Id="EncDataId-30833902"
>                Type="http://www.w3.org/2001/04/xmlenc#Content">
>                <xenc:EncryptionMethod    Algorithm="
> http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
>                <ds:KeyInfo   xmlns:ds="http://www.w3.org/2000/09/xmldsig#
> ">
>                    <wsse:SecurityTokenReference
>                        xmlns:wsse="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
>                        <wsse:Reference URI="#EncKeyId-21292038" />
>                    </wsse:SecurityTokenReference>
>                </ds:KeyInfo>
>                <xenc:CipherData>
>                    <xenc:CipherValue>
>                        mYMIlDr8nwRJVwAUIOr3jIgNvSRdUmotgpZYzIPV2ww=
>                    </xenc:CipherValue>
>                </xenc:CipherData>
>            </xenc:EncryptedData>
>        </echo:echo>
>    </soapenv:Body>
>



-- 
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org