You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2008/01/08 13:51:34 UTC

[jira] Commented: (RAMPART-68) Restrictions in key references are not working

    [ https://issues.apache.org/jira/browse/RAMPART-68?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12556887#action_12556887 ] 

Nandana Mihindukulasooriya commented on RAMPART-68:
---------------------------------------------------

If you want to enforce a particular reference type, you have to use one of 

<sp:RequireKeyIdentifierReference ... /> 
<sp:RequireIssuerSerialReference ... /> 
<sp:RequireEmbeddedTokenReference ... /> 
<sp:RequireThumbprintReference ... /> 

element in your token assertion.

>From the WS - Security policy language specification.

<sp:RequireKeyIdentifierReference ... /> 
This optional element indicates that a key identifier reference is required when referencing this token.

<sp:MustSupportReferenceKeyIdentifier/> - [Key Identifier References]
This boolean property indicates whether the initiator and recipient MUST be able to process key-specific identifier token references. A value of 'true' indicates that the initiator and recipient MUST be able to generate and process such references. A value of 'false' indicates that the initiator and recipient MUST NOT generate such references and that the initiator and recipient MAY send a fault if such references are encountered. This property has a default value of 'false'.

> Restrictions in key references are not working
> ----------------------------------------------
>
>                 Key: RAMPART-68
>                 URL: https://issues.apache.org/jira/browse/RAMPART-68
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-policy
>    Affects Versions: 1.2
>         Environment: Windows XP SP2, Java 1.6, Tomcat 6.0
>            Reporter: Jorge Fernández
>
> Even if I set in my service policy only this parameter <sp:MustSupportReferenceKeyIdentifier/>,  it accepts IssuerSerialReferences. The sources are the same as https://issues.apache.org/jira/browse/RAMPART-64  and https://issues.apache.org/jira/browse/RAMPART-67

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.