You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Stefan Pröls (JIRA)" <ji...@apache.org> on 2015/09/22 14:07:04 UTC

[jira] [Comment Edited] (CXF-6582) Support newer symmetric signature algorithms with WS-SecurityPolicy

    [ https://issues.apache.org/jira/browse/CXF-6582?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14902448#comment-14902448 ] 

Stefan Pröls edited comment on CXF-6582 at 9/22/15 12:07 PM:
-------------------------------------------------------------

But right that doesn't have any effect for me in 3.1.3.

See also CXF-2914 and CXF-5200. You can find an example WSDL illustrating the problem in my comment to CXF-5200.

It _almost_ works with your latest changes in 3.1.3, but there are two problems remaining:

1. Basic256Sha256 in the AlgorithmSuite as no effect.
I can live with that as there are the ws-security.(a)symmetric.signature.algorithm properties to set SHA-256 explicitly.

2. While the ws-security.(a)symmetric.signature.algorithm properties set the SignatureMethod just fine, it does not influence the DigestMethods of the signatures' references. CXF keeps using SHA-1 here, even when the SignatureMethod is set to HMAC-SHA256 using the ws-security.symmetric.signature.algorithm property.



was (Author: s.proels):
But right that doesn't have any effect for me in 3.1.3.

See also CXF-6582 and CXF-5200. You can find an example WSDL illustrating the problem in my comment to CXF-5200.

It _almost_ works with your latest changes in 3.1.3, but there are two problems remaining:

1. Basic256Sha256 in the AlgorithmSuite as no effect.
I can live with that as there are the ws-security.(a)symmetric.signature.algorithm properties to set SHA-256 explicitly.

2. While the ws-security.(a)symmetric.signature.algorithm properties set the SignatureMethod just fine, it does not influence the DigestMethods of the signatures' references. CXF keeps using SHA-1 here, even when the SignatureMethod is set to HMAC-SHA256 using the ws-security.symmetric.signature.algorithm property.


> Support newer symmetric signature algorithms with WS-SecurityPolicy
> -------------------------------------------------------------------
>
>                 Key: CXF-6582
>                 URL: https://issues.apache.org/jira/browse/CXF-6582
>             Project: CXF
>          Issue Type: Bug
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 3.1.3, 3.0.7
>
>         Attachments: req-3.1.3.xml
>
>
> This task is to support using symmetric signature algorithms other than the default (HMAC-SHA1) with WS-SecurityPolicy.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)