You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "asela pathberiya (JIRA)" <ji...@apache.org> on 2009/09/08 06:44:57 UTC
[jira] Created: (RAMPART-262) SymmetricBinding client can invoke
the AsymmetricBinding service policy
SymmetricBinding client can invoke the AsymmetricBinding service policy
-----------------------------------------------------------------------
Key: RAMPART-262
URL: https://issues.apache.org/jira/browse/RAMPART-262
Project: Rampart
Issue Type: Bug
Components: rampart-policy
Affects Versions: 1.5
Environment: ubuntu
Reporter: asela pathberiya
Assignee: Ruchith Udayanga Fernando
Priority: Minor
Fix For: 1.5
In sample03, service is used the AsymmetricBinding and also client side is used the same.
But I changed the client policy to SymmetricBinding (while keeping same Encryption and Signature Parts) and invoke the service.
It was responding well .
Is it a issue, isn't it? Because AsymmetricBinding service can be invoked by a SymmetricBinding client policy (who has not a certificate).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-262) SymmetricBinding client can invoke
the AsymmetricBinding service policy
Posted by "asela pathberiya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12752329#action_12752329 ]
asela pathberiya commented on RAMPART-262:
------------------------------------------
i am new to the WSS security and rampart. if this is not a issue, plz be kind to explain me....
Thanks,
Asela.
> SymmetricBinding client can invoke the AsymmetricBinding service policy
> -----------------------------------------------------------------------
>
> Key: RAMPART-262
> URL: https://issues.apache.org/jira/browse/RAMPART-262
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.5
> Environment: ubuntu
> Reporter: asela pathberiya
> Assignee: Ruchith Udayanga Fernando
> Priority: Minor
> Fix For: 1.5
>
>
> In sample03, service is used the AsymmetricBinding and also client side is used the same.
> But I changed the client policy to SymmetricBinding (while keeping same Encryption and Signature Parts) and invoke the service.
> It was responding well .
> Is it a issue, isn't it? Because AsymmetricBinding service can be invoked by a SymmetricBinding client policy (who has not a certificate).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (RAMPART-262) SymmetricBinding client can invoke
the AsymmetricBinding service policy
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya reassigned RAMPART-262:
--------------------------------------------------
Assignee: Nandana Mihindukulasooriya (was: Ruchith Udayanga Fernando)
> SymmetricBinding client can invoke the AsymmetricBinding service policy
> -----------------------------------------------------------------------
>
> Key: RAMPART-262
> URL: https://issues.apache.org/jira/browse/RAMPART-262
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.5
> Environment: ubuntu
> Reporter: asela pathberiya
> Assignee: Nandana Mihindukulasooriya
> Priority: Minor
> Fix For: 1.5
>
>
> In sample03, service is used the AsymmetricBinding and also client side is used the same.
> But I changed the client policy to SymmetricBinding (while keeping same Encryption and Signature Parts) and invoke the service.
> It was responding well .
> Is it a issue, isn't it? Because AsymmetricBinding service can be invoked by a SymmetricBinding client policy (who has not a certificate).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-262) SymmetricBinding client can invoke
the AsymmetricBinding service policy
Posted by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-262?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12752347#action_12752347 ]
Nandana Mihindukulasooriya commented on RAMPART-262:
----------------------------------------------------
HI Asela,
This is an issue. I will look in to this. Thanks for reporting.
regards,
Nandana
> SymmetricBinding client can invoke the AsymmetricBinding service policy
> -----------------------------------------------------------------------
>
> Key: RAMPART-262
> URL: https://issues.apache.org/jira/browse/RAMPART-262
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.5
> Environment: ubuntu
> Reporter: asela pathberiya
> Assignee: Nandana Mihindukulasooriya
> Priority: Minor
> Fix For: 1.5
>
>
> In sample03, service is used the AsymmetricBinding and also client side is used the same.
> But I changed the client policy to SymmetricBinding (while keeping same Encryption and Signature Parts) and invoke the service.
> It was responding well .
> Is it a issue, isn't it? Because AsymmetricBinding service can be invoked by a SymmetricBinding client policy (who has not a certificate).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.