You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2008/01/08 13:51:34 UTC
[jira] Commented: (RAMPART-68) Restrictions in key references are
not working
[ https://issues.apache.org/jira/browse/RAMPART-68?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12556887#action_12556887 ]
Nandana Mihindukulasooriya commented on RAMPART-68:
---------------------------------------------------
If you want to enforce a particular reference type, you have to use one of
<sp:RequireKeyIdentifierReference ... />
<sp:RequireIssuerSerialReference ... />
<sp:RequireEmbeddedTokenReference ... />
<sp:RequireThumbprintReference ... />
element in your token assertion.
>From the WS - Security policy language specification.
<sp:RequireKeyIdentifierReference ... />
This optional element indicates that a key identifier reference is required when referencing this token.
<sp:MustSupportReferenceKeyIdentifier/> - [Key Identifier References]
This boolean property indicates whether the initiator and recipient MUST be able to process key-specific identifier token references. A value of 'true' indicates that the initiator and recipient MUST be able to generate and process such references. A value of 'false' indicates that the initiator and recipient MUST NOT generate such references and that the initiator and recipient MAY send a fault if such references are encountered. This property has a default value of 'false'.
> Restrictions in key references are not working
> ----------------------------------------------
>
> Key: RAMPART-68
> URL: https://issues.apache.org/jira/browse/RAMPART-68
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.2
> Environment: Windows XP SP2, Java 1.6, Tomcat 6.0
> Reporter: Jorge Fernández
>
> Even if I set in my service policy only this parameter <sp:MustSupportReferenceKeyIdentifier/>, it accepts IssuerSerialReferences. The sources are the same as https://issues.apache.org/jira/browse/RAMPART-64 and https://issues.apache.org/jira/browse/RAMPART-67
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.