You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Aslak Os (JIRA)" <ji...@apache.org> on 2014/07/23 12:34:39 UTC

[jira] [Commented] (WSS-506) Wss4jSecurityInterceptor.verifyCertificateTrust does not respect validators from WSSConfig

    [ https://issues.apache.org/jira/browse/WSS-506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14071581#comment-14071581 ] 

Aslak Os commented on WSS-506:
------------------------------

I am sorry, this bug should be derected to spring-ws and not here. I will do so. 


> Wss4jSecurityInterceptor.verifyCertificateTrust does not respect validators from WSSConfig
> ------------------------------------------------------------------------------------------
>
>                 Key: WSS-506
>                 URL: https://issues.apache.org/jira/browse/WSS-506
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 2.0.1
>            Reporter: Aslak Os
>            Assignee: Colm O hEigeartaigh
>
> While working on a custom certificate trust system. I discovert that in order to supply a custom validator of trust i had to both set it in WSSConfig and override the verifyCertificateTrust method. 
> The reason is that the verifyCertificateTrust instansiate a Validator hardcoded by name useing its constructor. 
> I would assume and prefer that it used the configuration set in WSSConfig. How ever it could be that this is done intentionally.  



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org