Posted to rampart-dev@ws.apache.org by "Thomas Leonard (JIRA)" <ji...@apache.org> on 2007/08/17 14:44:30 UTC
[jira] Created: (RAMPART-73) Rampart hard-codes the module name, and so can't be extended
Rampart hard-codes the module name, and so can't be extended
------------------------------------------------------------
Key: RAMPART-73
URL: https://issues.apache.org/jira/browse/RAMPART-73
Project: Rampart
Issue Type: Bug
Components: rampart-core
Environment: Subversion revision 564197
Reporter: Thomas Leonard
The Rampart code suggests that some methods can be overridden in subclasses (for example, PolicyBasedResultsValidator.verifyTrust).
Therefore, I have created my own Axis 2 module subclassing Rampart, and specified the same handlers in my module.xml. However, no security processing is now performed because Rampart checks that its own name is WSSHandlerConstants.SECURITY_MODULE_NAME ("rampart") at the start of certain key methods, e.g. in RampartSender:
    public InvocationResponse invoke(MessageContext msgContext) throws AxisFault {
        if (!msgContext.isEngaged(WSSHandlerConstants.SECURITY_MODULE_NAME)) {
            return InvocationResponse.CONTINUE;
        }
What are these checks for? Surely Axis 2 won't invoke a non-engaged handler anyway?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
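The behaviour reported above, as an added example that is not part of the original message and is not Rampart or Axis2 code: a handler that gates on a hard-coded module name skips security processing when engaged under another name, and returns the same value as when it succeeds. MessageContext, HardCodedSender, NamedSender and the module name "my-rampart" are hypothetical stand-ins; NamedSender is one possible alternative, not the change made in Rampart.

```java
import java.util.Set;

// Simplified model: MessageContext and the sender classes below are hypothetical
// stand-ins, not the Axis2/Rampart types. Only the engaged-module gate is reproduced.
public class ModuleNameGate {
    static final String SECURITY_MODULE_NAME = "rampart"; // value quoted in the issue

    enum InvocationResponse { CONTINUE }

    static class MessageContext {
        private final Set<String> engaged;
        MessageContext(String... modules) { engaged = Set.of(modules); }
        boolean isEngaged(String name) { return engaged.contains(name); }
    }

    // Gate as reported: keyed on the hard-coded name.
    static class HardCodedSender {
        boolean secured;
        InvocationResponse invoke(MessageContext ctx) {
            if (!ctx.isEngaged(SECURITY_MODULE_NAME)) {
                return InvocationResponse.CONTINUE; // skipped, same return value as success
            }
            secured = true; // stands in for building the security header
            return InvocationResponse.CONTINUE;
        }
    }

    // Hypothetical alternative: the gate uses the name of the module that owns the handler.
    static class NamedSender extends HardCodedSender {
        private final String owningModule;
        NamedSender(String owningModule) { this.owningModule = owningModule; }
        @Override InvocationResponse invoke(MessageContext ctx) {
            if (!ctx.isEngaged(owningModule)) {
                return InvocationResponse.CONTINUE;
            }
            secured = true;
            return InvocationResponse.CONTINUE;
        }
    }

    public static void main(String[] args) {
        MessageContext ctx = new MessageContext("my-rampart"); // constructed module name
        HardCodedSender hard = new HardCodedSender();
        NamedSender named = new NamedSender("my-rampart");
        System.out.println(hard.invoke(ctx) + " secured=" + hard.secured);
        System.out.println(named.invoke(ctx) + " secured=" + named.secured);
    }
}
```

Because both paths return CONTINUE, a deployment that wraps or renames the module needs an independent check (for example, inspecting an outgoing message for the security header) to confirm that processing actually ran.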
[jira] Resolved: (RAMPART-73) Rampart hard-codes the module name, and so can't be extended
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-73?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya resolved RAMPART-73.
-----------------------------------------------
Resolution: Fixed
Fixed. We can now provide a custom validator using the RampartConfig parameter "policyValidatorCbClass".
> Rampart hard-codes the module name, and so can't be extended
> ------------------------------------------------------------
>
> Key: RAMPART-73
> URL: https://issues.apache.org/jira/browse/RAMPART-73
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Environment: Subversion revision 564197
> Reporter: Thomas Leonard
> Attachments: subclass.patch
>
>
> The Rampart code suggests that some methods can be overridden in subclasses (for example, PolicyBasedResultsValidator.verifyTrust).
> Therefore, I have created my own Axis 2 module subclassing Rampart, and specified the same handlers in my module.xml. However, no security processing is now performed because Rampart checks that its own name is WSSHandlerConstants.SECURITY_MODULE_NAME ("rampart") at the start of certain key methods, e.g. in RampartSender:
>     public InvocationResponse invoke(MessageContext msgContext) throws AxisFault {
>
>         if (!msgContext.isEngaged(WSSHandlerConstants.SECURITY_MODULE_NAME)) {
>             return InvocationResponse.CONTINUE;
>         }
> What are these checks for? Surely Axis 2 won't invoke a non-engaged handler anyway?
[jira] Updated: (RAMPART-73) Rampart hard-codes the module name, and so can't be extended
Posted by "Thomas Leonard (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-73?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thomas Leonard updated RAMPART-73:
----------------------------------
Attachment: subclass.patch
This patch allows RampartEngine subclasses to specify their own validators, including a subclass of PolicyBasedResultsValidator, and allows subclasses of RampartReceiver to use their own implementations of RampartEngine.
It does not fix the problem with the hard-coded module name.