You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@synapse.apache.org by "Jeff Davis (JIRA)" <ji...@apache.org> on 2008/06/09 22:40:45 UTC
[jira] Created: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
Add new "message level policies" to support additional WS-Security scenarios
----------------------------------------------------------------------------
Key: SYNAPSE-355
URL: https://issues.apache.org/jira/browse/SYNAPSE-355
Project: Synapse
Issue Type: Improvement
Affects Versions: 1.2
Reporter: Jeff Davis
Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org
[jira] Commented: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
Posted by "Ruwan Linton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SYNAPSE-355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12604794#action_12604794 ]
Ruwan Linton commented on SYNAPSE-355:
--------------------------------------
Rampart has fixed the this issue and I am going to change the rampart version to SNAPSHOT so that with some changes this will be fixed.
> Add new "message level policies" to support additional WS-Security scenarios
> ----------------------------------------------------------------------------
>
> Key: SYNAPSE-355
> URL: https://issues.apache.org/jira/browse/SYNAPSE-355
> Project: Synapse
> Issue Type: Improvement
> Affects Versions: 1.2
> Reporter: Jeff Davis
> Assignee: Ruwan Linton
> Fix For: NIGHTLY
>
>
> Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
> Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org
[jira] Assigned: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
Posted by "Ruwan Linton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SYNAPSE-355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ruwan Linton reassigned SYNAPSE-355:
------------------------------------
Assignee: Ruwan Linton
> Add new "message level policies" to support additional WS-Security scenarios
> ----------------------------------------------------------------------------
>
> Key: SYNAPSE-355
> URL: https://issues.apache.org/jira/browse/SYNAPSE-355
> Project: Synapse
> Issue Type: Improvement
> Affects Versions: 1.2
> Reporter: Jeff Davis
> Assignee: Ruwan Linton
>
> Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
> Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org
[jira] Commented: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
Posted by "Ruwan Linton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SYNAPSE-355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12604126#action_12604126 ]
Ruwan Linton commented on SYNAPSE-355:
--------------------------------------
Fixed the code to take service level policy from the policy attribute of the enableSec element where as if one need to configure the endpoint with message level WS-Sec policy then he can use the attributes inboundPolicy and outboundPolicy to specify the two message level policies.
But this fix is not yes complete because it needs a fix from Rampart
> Add new "message level policies" to support additional WS-Security scenarios
> ----------------------------------------------------------------------------
>
> Key: SYNAPSE-355
> URL: https://issues.apache.org/jira/browse/SYNAPSE-355
> Project: Synapse
> Issue Type: Improvement
> Affects Versions: 1.2
> Reporter: Jeff Davis
> Assignee: Ruwan Linton
>
> Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
> Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org
[jira] Resolved: (SYNAPSE-355) Add new "message level policies" to
support additional WS-Security scenarios
Posted by "Ruwan Linton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SYNAPSE-355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ruwan Linton resolved SYNAPSE-355.
----------------------------------
Resolution: Fixed
Fix Version/s: NIGHTLY
Fixed on the SVN trunk
> Add new "message level policies" to support additional WS-Security scenarios
> ----------------------------------------------------------------------------
>
> Key: SYNAPSE-355
> URL: https://issues.apache.org/jira/browse/SYNAPSE-355
> Project: Synapse
> Issue Type: Improvement
> Affects Versions: 1.2
> Reporter: Jeff Davis
> Assignee: Ruwan Linton
> Fix For: NIGHTLY
>
>
> Currently, if WS-Security is required on the outbound message, it is currently assumed that the response will also contain the WS-Security header. However, I have a situation where, while the server does require WS-Security, no WS-Security header is provided in the response. As such, I can't use "out-of-the-box" Synapse because Rampart fails on the response.
> Ruwan had mentioned that an enhancement called "message level policies" had been discussed which would enable you to mix/match WS-Security requirements in the request/response. I believe this would fix the scenario I mentioned.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org