You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2019/02/28 10:13:00 UTC
[jira] [Commented] (CXF-7984) UsernameTokenInterceptor doesn't
respect contextual property "allowNamespaceQualifiedPasswordTypes"
[ https://issues.apache.org/jira/browse/CXF-7984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16780338#comment-16780338 ]
Colm O hEigeartaigh commented on CXF-7984:
------------------------------------------
Hi [~ema],
It looks like this patch changes the default (i.e. if the configuration property is null):
private boolean allowNamespaceQualifiedPWDTypes(final SoapMessage message) {
+ String allow = (String)message
+ .getContextualProperty(ConfigurationConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES);
+ return !("false".equals(allow) || "0".equals(allow));
+ }
The default should be false if not specified.
> UsernameTokenInterceptor doesn't respect contextual property "allowNamespaceQualifiedPasswordTypes"
> ---------------------------------------------------------------------------------------------------
>
> Key: CXF-7984
> URL: https://issues.apache.org/jira/browse/CXF-7984
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 3.1.18, 3.2.8, 3.3.0
> Reporter: Jim Ma
> Assignee: Jim Ma
> Priority: Major
> Fix For: 3.3.1, 3.2.9
>
>
> allowNamespaceQualifiedPasswordTypes is not read from contextual properties before create wss4j UsernameToken.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)