You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Ruchith Udayanga Fernando (JIRA)" <ji...@apache.org> on 2008/02/15 11:07:08 UTC

[jira] Resolved: (RAMPART-141) Issue of Rampart not supporting X509PKIPathv1 token

     [ https://issues.apache.org/jira/browse/RAMPART-141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ruchith Udayanga Fernando resolved RAMPART-141.
-----------------------------------------------

    Resolution: Fixed

Applied patch to revision 627990. 
Thanks Narayan!

> Issue of Rampart not supporting X509PKIPathv1 token
> ---------------------------------------------------
>
>                 Key: RAMPART-141
>                 URL: https://issues.apache.org/jira/browse/RAMPART-141
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.3
>            Reporter: Narayan S Dhillon
>            Assignee: Ruchith Udayanga Fernando
>         Attachments: rampart-141.patch
>
>
> *Issue: Rampart doesnt support X509 certification path token type X509PKIPathv1.
> *Example: 
> If I use following ws-policy, Rampart still generates the SOAP message with X509V3  token.
> **policy:
> <sp:AsymmetricBinding>
> 		        	<wsp:Policy>
> 		            	<sp:InitiatorToken>
> 		                	<wsp:Policy>
> 		                    	<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 		                        	<wsp:Policy>
> 		                            	<sp:WssX509PkiPathV1Token10/>
> 									</wsp:Policy>
> 		                        </sp:X509Token>
> 		                    </wsp:Policy>
> 		                </sp:InitiatorToken>
> **Security token generated:
> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-1813950">MIIC...g==</wsse:BinarySecurityToken>
> *Resolution:
> org.apache.rampart.builder.BindingBuilder.getSignatureBuider(..) should set org.apache.ws.security.message.WSSecSignature.useSingleCert to false if token type is Constants.WSS_X509_PKI_PATH_V1_TOKEN10 or
> Constants.WSS_X509_PKI_PATH_V1_TOKEN11

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.