You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2008/05/27 07:14:00 UTC
[jira] Updated: (RAMPART-138) Created response of
SymmetricBindingBuilder WITHOUT timestamp is incorrect
[ https://issues.apache.org/jira/browse/RAMPART-138?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya updated RAMPART-138:
-----------------------------------------------
Fix Version/s: (was: 1.3)
1.4
Set Fix version to 1.4.
> Created response of SymmetricBindingBuilder WITHOUT timestamp is incorrect
> --------------------------------------------------------------------------
>
> Key: RAMPART-138
> URL: https://issues.apache.org/jira/browse/RAMPART-138
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Christian Mielke
> Assignee: Nandana Mihindukulasooriya
> Fix For: 1.4
>
>
> When using the policy below, the RAMPART SymmetricBindingBuilder creates a server-response that has not the correct order of elements for the protection-order EncryptBeforeSigning. A client which recieves the response (I tested it with a WCF 3.0 client) says that the response has not the correct protection order.
> If the policy gets extended with a timestamp, the error doesn't appear.
> <wsp:Policy wsu:Id="token" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
> <wsp:ExactlyOne>
> <wsp:All>
> <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:RequireThumbprintReference/>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic256 />
> </wsp:Policy>
> </sp:AlgorithmSuite>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> <sp:EncryptBeforeSigning/>
> <sp:OnlySignEntireHeadersAndBody/>
> </wsp:Policy>
> </sp:SymmetricBinding>
> <sp:EndorsingSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <Address xmlns="http://www.w3.org/2005/08/addressing">
> http://localhost:8080/axis2/services/SecurityToken
> </Address>
> </Issuer>
> <sp:RequestSecurityTokenTemplate>
> <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
> urn:oasis:names:tc:SAML:1.0:assertion
> </t:TokenType>
> <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
> http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey
> </t:KeyType>
> <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
> 256
> </t:KeySize>
> </sp:RequestSecurityTokenTemplate>
> <wsp:Policy>
> <sp:RequireExternalReference />
> </wsp:Policy>
> </sp:IssuedToken>
> </wsp:Policy>
> </sp:EndorsingSupportingTokens>
> <sp:Wss11 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:MustSupportRefThumbprint/>
> </wsp:Policy>
> </sp:Wss11>
> <sp:Trust10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:MustSupportIssuedTokens />
> <sp:RequireServerEntropy />
> </wsp:Policy>
> </sp:Trust10>
> <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <sp:Body/>
> <sp:Header Name="Action" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="To" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="From" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="MessageID" Namespace="http://www.w3.org/2005/08/addressing" />
> <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2005/08/addressing" />
> </sp:SignedParts>
> <sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <sp:Body/>
> </sp:EncryptedParts>
> </wsp:All>
> </wsp:ExactlyOne>
> </wsp:Policy>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.