You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2016/10/10 16:15:20 UTC
[jira] [Assigned] (CXF-7080) XmlSecOutInterceptor doesn't recognise
KeyName as a KeyIdentifier
[ https://issues.apache.org/jira/browse/CXF-7080?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh reassigned CXF-7080:
----------------------------------------
Assignee: Colm O hEigeartaigh
> XmlSecOutInterceptor doesn't recognise KeyName as a KeyIdentifier
> -----------------------------------------------------------------
>
> Key: CXF-7080
> URL: https://issues.apache.org/jira/browse/CXF-7080
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 3.2.0, 3.1.8
> Reporter: Hugo Trippaers
> Assignee: Colm O hEigeartaigh
> Fix For: 3.2.0, 3.1.8, 3.0.11
>
>
> The KeyIdentifier type KeyName is a known element in the KeyInfo structure (https://www.w3.org/TR/xmldsig-core/#sec-KeyName) however the interceptor XmlSecOutInterceptor doesn't recognise it.
> This causes the interceptor to assume the keyidentifier is X509KeyIdentifier, which in turn causes the undesired behaviour of the message being signed and sent with a keyidentifier that is not parsed by the endpoint. (Who expects a KeyName).
> A small fix is to add KeyName as a valid KeyIdentifier allowing lower level libraries (santuario) to indicate that this KeyIdentifier type is not supported (yet, working on that as well)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)