You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by "Gary Snider (JIRA)" <ji...@apache.org> on 2008/08/11 15:43:44 UTC
[jira] Created: (SYNAPSE-422) Axis2FlexibleMEPClient removal of
addressing headers should be configurable
Axis2FlexibleMEPClient removal of addressing headers should be configurable
---------------------------------------------------------------------------
Key: SYNAPSE-422
URL: https://issues.apache.org/jira/browse/SYNAPSE-422
Project: Synapse
Issue Type: Bug
Components: Core
Affects Versions: 1.1.1, 1.2
Environment: Windows XP Professional. Synapse 1.1.1 and 1.2 proxy mode and mediation mode
Reporter: Gary Snider
Priority: Critical
I've tried using synapse in proxy mode as well as non-proxy mode but here is the scenario and why removing the headers is wrong for what we're doing:
1) A WS-Security message comes in to synapse (with wsa:MessageID signed & referenced in the digital signature )
2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original message (Axis2FlexibleMEPClient.removeAddressingHeaders)
3) The endpoint gets the 'forwarded' request and it fails ws-security validation because the wsa:MessageID which is referenced in the digital signature has been removed.
The removal of addressing headers needs to be configurable since some implementations might rely on the original wsa:messageID to be there. In our case it is part of a digital signature.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org
[jira] Resolved: (SYNAPSE-422) Axis2FlexibleMEPClient removal of
addressing headers should be configurable
Posted by "Asankha C. Perera (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SYNAPSE-422?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Asankha C. Perera resolved SYNAPSE-422.
---------------------------------------
Resolution: Fixed
Fix Version/s: 1.3
Assignee: Asankha C. Perera
Gary, could you verify if the latest nightly build will solve this? Basically the fix was to not remove the existing addressing headers, if the endpoint does not turn on addressing at the ESB
http://hudson.zones.apache.org/hudson/job/Synapse%20-%20Trunk/lastSuccessfulBuild/org.apache.synapse$synapse-distribution/artifact/org.apache.synapse/synapse-distribution/SNAPSHOT/synapse-SNAPSHOT-bin.zip
> Axis2FlexibleMEPClient removal of addressing headers should be configurable
> ---------------------------------------------------------------------------
>
> Key: SYNAPSE-422
> URL: https://issues.apache.org/jira/browse/SYNAPSE-422
> Project: Synapse
> Issue Type: Bug
> Components: Core
> Affects Versions: 1.1.1, 1.2
> Environment: Windows XP Professional. Synapse 1.1.1 and 1.2 proxy mode and mediation mode
> Reporter: Gary Snider
> Assignee: Asankha C. Perera
> Priority: Critical
> Fix For: 1.3
>
>
> I've tried using synapse in proxy mode as well as non-proxy mode but here is the scenario and why removing the headers is wrong for what we're doing:
> 1) A WS-Security message comes in to synapse (with wsa:MessageID signed & referenced in the digital signature )
> 2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original message (Axis2FlexibleMEPClient.removeAddressingHeaders)
> 3) The endpoint gets the 'forwarded' request and it fails ws-security validation because the wsa:MessageID which is referenced in the digital signature has been removed.
> The removal of addressing headers needs to be configurable since some implementations might rely on the original wsa:messageID to be there. In our case it is part of a digital signature.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org