You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by "Ruwan Linton (JIRA)" <ji...@apache.org> on 2008/06/11 08:02:45 UTC
[jira] Commented: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
[ https://issues.apache.org/jira/browse/SYNAPSE-355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12604126#action_12604126 ]
Ruwan Linton commented on SYNAPSE-355:
--------------------------------------
Fixed the code to take service level policy from the policy attribute of the enableSec element where as if one need to configure the endpoint with message level WS-Sec policy then he can use the attributes inboundPolicy and outboundPolicy to specify the two message level policies.
But this fix is not yes complete because it needs a fix from Rampart
> Add new "message level policies" to support additional WS-Security scenarios
> ----------------------------------------------------------------------------
>
> Key: SYNAPSE-355
> URL: https://issues.apache.org/jira/browse/SYNAPSE-355
> Project: Synapse
> Issue Type: Improvement
> Affects Versions: 1.2
> Reporter: Jeff Davis
> Assignee: Ruwan Linton
>
> Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
> Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org