You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Angel Todorov (JIRA)" <ji...@apache.org> on 2007/05/06 13:34:16 UTC
[jira] Created: (RAMPART-37) SymmetricBinding is broken
SymmetricBinding is broken
---------------------------
Key: RAMPART-37
URL: https://issues.apache.org/jira/browse/RAMPART-37
Project: Rampart
Issue Type: Bug
Affects Versions: 1.1, 1.2
Environment: Rampart-head , Axis2 1.2, Tomcat 5.5.23
Reporter: Angel Todorov
Priority: Critical
Fix For: 1.2
I am using the following policy snippet (below). I would like to implement username authentication with symmetric keys (this works perfectly with WSIT and Glassfish, JAX-WS RI ) :
--------------------------------------------------------
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:SymmetricBinding>
---------------------------------------------------------------------------------
And I am getting the following Exception:
[java] INFO: Deploying module: addressing-1.2
[java] May 6, 2007 2:27:39 PM org.apache.axis2.deployment.ModuleDeployer deploy
[java] INFO: Deploying module: rampart-1.2
[java] Exception in thread "main" java.lang.UnsupportedOperationException: TODO
[java] at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:540)
[java] at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:370)
[java] at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:73)
[java] at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:127)
[java] at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:57)
[java] at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
[java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
[java] at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:433)
[java] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
[java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
[java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)
[java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:500)
[java] at org.apache.rampart.samples.policy.sample03.Client.main(Unknown Source)
[java] Java Result: 1
In the code (BindingBuilder.java) I can see:
-------------------------------------------------------------------------
}
} else {
//TODO : Example SAMLTOken Signature
throw new UnsupportedOperationException("TODO");
}
--------------------------------------------------------------------------
Apparently I am not using anything related to SAML or whatever... it's a very basic functionality. Thank you very much.
Regards,
Angel
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-37) SymmetricBinding is broken
Posted by "Angel Todorov (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-37?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Angel Todorov updated RAMPART-37:
---------------------------------
Attachment: SymmetricBindingBuilder.diff
This has to be used along with the fix provided in :
https://issues.apache.org/jira/browse/WSS-77
Thank you.
Regards,
Angel
> SymmetricBinding is broken
> ---------------------------
>
> Key: RAMPART-37
> URL: https://issues.apache.org/jira/browse/RAMPART-37
> Project: Rampart
> Issue Type: Bug
> Affects Versions: 1.1, 1.2
> Environment: Rampart-head , Axis2 1.2, Tomcat 5.5.23
> Reporter: Angel Todorov
> Priority: Critical
> Fix For: 1.2
>
> Attachments: SymmetricBindingBuilder.diff
>
>
> I am using the following policy snippet (below). I would like to implement username authentication with symmetric keys (this works perfectly with WSIT and Glassfish, JAX-WS RI ) :
> --------------------------------------------------------
> <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> <sp:OnlySignEntireHeadersAndBody/>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> </wsp:Policy>
> </sp:SymmetricBinding>
> ---------------------------------------------------------------------------------
> And I am getting the following Exception:
> [java] INFO: Deploying module: addressing-1.2
> [java] May 6, 2007 2:27:39 PM org.apache.axis2.deployment.ModuleDeployer deploy
> [java] INFO: Deploying module: rampart-1.2
> [java] Exception in thread "main" java.lang.UnsupportedOperationException: TODO
> [java] at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:540)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:370)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:73)
> [java] at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:127)
> [java] at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:57)
> [java] at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> [java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> [java] at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:433)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:500)
> [java] at org.apache.rampart.samples.policy.sample03.Client.main(Unknown Source)
> [java] Java Result: 1
> In the code (BindingBuilder.java) I can see:
> -------------------------------------------------------------------------
> }
> } else {
> //TODO : Example SAMLTOken Signature
> throw new UnsupportedOperationException("TODO");
> }
> --------------------------------------------------------------------------
> Apparently I am not using anything related to SAML or whatever... it's a very basic functionality. Thank you very much.
> Regards,
> Angel
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (RAMPART-37) SymmetricBinding is broken
Posted by "Ruchith Udayanga Fernando (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-37?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ruchith Udayanga Fernando resolved RAMPART-37.
----------------------------------------------
Resolution: Fixed
This should be fixed with the updates to SymmetricBindingBuilder to support issued tokens.
Also fixed WSS-77
Thanks,
Ruchith
> SymmetricBinding is broken
> ---------------------------
>
> Key: RAMPART-37
> URL: https://issues.apache.org/jira/browse/RAMPART-37
> Project: Rampart
> Issue Type: Bug
> Affects Versions: 1.1, 1.2
> Environment: Rampart-head , Axis2 1.2, Tomcat 5.5.23
> Reporter: Angel Todorov
> Priority: Critical
> Fix For: 1.2
>
> Attachments: policy_sym.xml, SymmetricBindingBuilder.diff
>
>
> I am using the following policy snippet (below). I would like to implement username authentication with symmetric keys (this works perfectly with WSIT and Glassfish, JAX-WS RI ) :
> --------------------------------------------------------
> <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> <sp:OnlySignEntireHeadersAndBody/>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> </wsp:Policy>
> </sp:SymmetricBinding>
> ---------------------------------------------------------------------------------
> And I am getting the following Exception:
> [java] INFO: Deploying module: addressing-1.2
> [java] May 6, 2007 2:27:39 PM org.apache.axis2.deployment.ModuleDeployer deploy
> [java] INFO: Deploying module: rampart-1.2
> [java] Exception in thread "main" java.lang.UnsupportedOperationException: TODO
> [java] at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:540)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:370)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:73)
> [java] at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:127)
> [java] at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:57)
> [java] at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> [java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> [java] at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:433)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:500)
> [java] at org.apache.rampart.samples.policy.sample03.Client.main(Unknown Source)
> [java] Java Result: 1
> In the code (BindingBuilder.java) I can see:
> -------------------------------------------------------------------------
> }
> } else {
> //TODO : Example SAMLTOken Signature
> throw new UnsupportedOperationException("TODO");
> }
> --------------------------------------------------------------------------
> Apparently I am not using anything related to SAML or whatever... it's a very basic functionality. Thank you very much.
> Regards,
> Angel
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-37) SymmetricBinding is broken
Posted by "Angel Todorov (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-37?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Angel Todorov updated RAMPART-37:
---------------------------------
Attachment: policy_sym.xml
I am attaching the policy example for symmetric binding that works now , with the fixes.
Regards,
Angel
> SymmetricBinding is broken
> ---------------------------
>
> Key: RAMPART-37
> URL: https://issues.apache.org/jira/browse/RAMPART-37
> Project: Rampart
> Issue Type: Bug
> Affects Versions: 1.1, 1.2
> Environment: Rampart-head , Axis2 1.2, Tomcat 5.5.23
> Reporter: Angel Todorov
> Priority: Critical
> Fix For: 1.2
>
> Attachments: policy_sym.xml, SymmetricBindingBuilder.diff
>
>
> I am using the following policy snippet (below). I would like to implement username authentication with symmetric keys (this works perfectly with WSIT and Glassfish, JAX-WS RI ) :
> --------------------------------------------------------
> <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
> <sp:ProtectionToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
> <wsp:Policy>
> <sp:WssX509V3Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:ProtectionToken>
> <sp:Layout>
> <wsp:Policy>
> <sp:Strict/>
> </wsp:Policy>
> </sp:Layout>
> <sp:IncludeTimestamp/>
> <sp:OnlySignEntireHeadersAndBody/>
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> </wsp:Policy>
> </sp:SymmetricBinding>
> ---------------------------------------------------------------------------------
> And I am getting the following Exception:
> [java] INFO: Deploying module: addressing-1.2
> [java] May 6, 2007 2:27:39 PM org.apache.axis2.deployment.ModuleDeployer deploy
> [java] INFO: Deploying module: rampart-1.2
> [java] Exception in thread "main" java.lang.UnsupportedOperationException: TODO
> [java] at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:540)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:370)
> [java] at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:73)
> [java] at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:127)
> [java] at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:57)
> [java] at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> [java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> [java] at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:433)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:330)
> [java] at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:520)
> [java] at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:500)
> [java] at org.apache.rampart.samples.policy.sample03.Client.main(Unknown Source)
> [java] Java Result: 1
> In the code (BindingBuilder.java) I can see:
> -------------------------------------------------------------------------
> }
> } else {
> //TODO : Example SAMLTOken Signature
> throw new UnsupportedOperationException("TODO");
> }
> --------------------------------------------------------------------------
> Apparently I am not using anything related to SAML or whatever... it's a very basic functionality. Thank you very much.
> Regards,
> Angel
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.