You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2008/02/15 16:10:09 UTC
[jira] Created: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Error in WS-Security 1.1 Signature Confirmation handling
--------------------------------------------------------
Key: CXF-1436
URL: https://issues.apache.org/jira/browse/CXF-1436
Project: CXF
Issue Type: Bug
Components: WS-* Components
Affects Versions: 2.1
Reporter: Colm O hEigeartaigh
Priority: Minor
Fix For: 2.1
WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Reopened: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp reopened CXF-1436:
------------------------------
I'm going to re-open this as Fred had to disable the test after his fix for CXF-1433. Can you re-look at this?
Thanks!
Dan
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.0.5
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated CXF-1436:
-------------------------------------
Attachment: sigconf.patch
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Priority: Minor
> Fix For: 2.1
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp reassigned CXF-1436:
--------------------------------
Assignee: Daniel Kulp
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.1
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-1436.
------------------------------
Resolution: Fixed
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.0.5
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
Posted by "Daniel Kulp (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp resolved CXF-1436.
------------------------------
Resolution: Fixed
Fix Version/s: (was: 2.1)
2.0.5
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.0.5
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.