You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Gary Snider <ga...@gmail.com> on 2008/08/22 17:34:02 UTC
support for Encrypting Body sub-elements
Right now when we send a request that has encrypted Body sub-elements
Rampart 1.4 PolicyBasedResultsValidator line 423 throws a RampartException
because it's only looking for the entire Body to be encrypted.
Is this a known issue in Rampart/Java that it does not support encrypted
parts in the Body?
Request looks like this: Notice that we only want the content of the echo
element encrypted.
<soapenv:Body wsu:Id="id-9234090"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
">
<echo:echo>
<xenc:EncryptedData Id="EncDataId-30833902"
Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
">
<wsse:Reference URI="#EncKeyId-21292038" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
mYMIlDr8nwRJVwAUIOr3jIgNvSRdUmotgpZYzIPV2ww=
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</echo:echo>
</soapenv:Body>
Re: support for Encrypting Body sub-elements
Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi Gary,
will it be possible to post your Rampart configuration (at the server
side) so that we can see whether this is a bug or the expected behavior ?
thanks,
nandana
On Fri, Aug 22, 2008 at 9:04 PM, Gary Snider <ga...@gmail.com>wrote:
> Right now when we send a request that has encrypted Body sub-elements
> Rampart 1.4 PolicyBasedResultsValidator line 423 throws a RampartException
> because it's only looking for the entire Body to be encrypted.
>
> Is this a known issue in Rampart/Java that it does not support encrypted
> parts in the Body?
>
> Request looks like this: Notice that we only want the content of the echo
> element encrypted.
> <soapenv:Body wsu:Id="id-9234090"
> xmlns:wsu="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <echo:echo>
> <xenc:EncryptedData Id="EncDataId-30833902"
> Type="http://www.w3.org/2001/04/xmlenc#Content">
> <xenc:EncryptionMethod Algorithm="
> http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#
> ">
> <wsse:SecurityTokenReference
> xmlns:wsse="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
> <wsse:Reference URI="#EncKeyId-21292038" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> <xenc:CipherData>
> <xenc:CipherValue>
> mYMIlDr8nwRJVwAUIOr3jIgNvSRdUmotgpZYzIPV2ww=
> </xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> </echo:echo>
> </soapenv:Body>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
http://www.wso2.org