You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2014/10/07 10:05:36 UTC

[jira] [Closed] (WSS-328) Impossible to sign BST since 1.6.x

     [ https://issues.apache.org/jira/browse/WSS-328?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed WSS-328.
-----------------------------------

> Impossible to sign BST since 1.6.x
> ----------------------------------
>
>                 Key: WSS-328
>                 URL: https://issues.apache.org/jira/browse/WSS-328
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.6.3
>            Reporter: Willem Salembier
>            Assignee: Colm O hEigeartaigh
>
> The org.apache.ws.security.message.WSSecSignature::build method has been changed to first compute the signature and afterwards prepend the BST to the security header. If the requirement is to sign the BST, the computeSignature doesn't find the BST.
> 	Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
> 	parts.add(new WSEncryptionPart(WSConstants.BINARY_TOKEN_LN, WSConstants.WSSE_NS, "Element"));
> 	signature.setParts(parts);
> In 1.5.x there was also a wildcard "Token" to sign the security token, but this is not supported anymore in 1.6.x.
> 	Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
> 	parts.add(new WSEncryptionPart("Token", null, "Element"));
> 	signature.setParts(parts);



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org