You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Werner Dittmann <We...@t-online.de> on 2005/09/11 11:26:41 UTC

Re: svn commit: r279405 - in /webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security...

Dims,

this patch applies only if a we need

a) to parse a BinarySecurityToken. In the spec the encoding
   attribute is _not_ specified as optional.

b) to parse a security token that is directly included in the
   KeyIdentifier as an encoded value of the element. This was
   used in the interop tests, scenario #6, encryption. Because
   these specs are fairly but we updated the use of the encoding
   according to the interop test results and the then relevant
   specs.

The OASIS WSS specs are confusing me more and more.

Regards,
Werner

Davanum Srinivas wrote:
> +1 from me
> 
> On 9/10/05, Werner Dittmann <We...@t-online.de> wrote:
> 
>>Dims,
>>
>>while browsing the specs and the accroding Errata IMO the Base64
>>encoding is not the default setting. There is no default setting.
>>
>>Pls refer to the errata of SOAP message, chapter 3.6 that in turn
>>references section 7.3 of the original WSS spec 1.0.
>>
>>Thus, IMO we shall revers the fix.
>>
>>Regards,
>>Werner
>>
>>dims@apache.org wrote:
>>
>>>Author: dims
>>>Date: Wed Sep  7 12:40:55 2005
>>>New Revision: 279405
>>>
>>>URL: http://svn.apache.org/viewcvs?rev=279405&view=rev
>>>Log:
>>>- WSS defines the default Encoding to be base64, so if nothing is present that's ok.
>>>- Add missing entry for badEncoding in errors.properties
>>>
>>>
>>>Modified:
>>>    webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/components/crypto/errors.properties
>>>    webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/message/token/BinarySecurity.java
>>>
>>>Modified: webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/components/crypto/errors.properties
>>>URL: http://svn.apache.org/viewcvs/webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/components/crypto/errors.properties?rev=279405&r1=279404&r2=279405&view=diff
>>>==============================================================================
>>>--- webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/components/crypto/errors.properties (original)
>>>+++ webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/components/crypto/errors.properties Wed Sep  7 12:40:55 2005
>>>@@ -15,4 +15,5 @@
>>> noCerts00 = No certificates loaded
>>> noKey00 = No private key loaded
>>> noSKIHandling = Problem with SKI information: {0}
>>>-badBase64Data = Unable to decode Base64 encoded data
>>>\ No newline at end of file
>>>+badBase64Data = Unable to decode Base64 encoded data
>>>+badEncoding = Problem with Encoding: {0}
>>>
>>>Modified: webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/message/token/BinarySecurity.java
>>>URL: http://svn.apache.org/viewcvs/webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/message/token/BinarySecurity.java?rev=279405&r1=279404&r2=279405&view=diff
>>>==============================================================================
>>>--- webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/message/token/BinarySecurity.java (original)
>>>+++ webservices/wss4j/branches/WSS4J_1_1_0_FINAL/src/org/apache/ws/security/message/token/BinarySecurity.java Wed Sep  7 12:40:55 2005
>>>@@ -71,7 +71,8 @@
>>>             QName el = new QName(this.element.getNamespaceURI(), this.element.getLocalName());
>>>             throw new WSSecurityException(WSSecurityException.INVALID_SECURITY_TOKEN, "badTokenType", new Object[]{el});
>>>         }
>>>-        if (!getEncodingType().endsWith(BASE64_BINARY)) {
>>>+        String encoding = getEncodingType();
>>>+        if (encoding.length() > 0 && !encoding.endsWith(BASE64_BINARY)) {
>>>             throw new WSSecurityException(WSSecurityException.INVALID_SECURITY_TOKEN, "badEncoding", new Object[]{getEncodingType()});
>>>         }
>>>     }
>>>
>>>
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org