You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Daniel Kulp (JIRA)" <ji...@apache.org> on 2008/02/15 23:06:08 UTC
[jira] Reopened: (CXF-1436) Error in WS-Security 1.1 Signature
Confirmation handling
[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Kulp reopened CXF-1436:
------------------------------
I'm going to re-open this as Fred had to disable the test after his fix for CXF-1433. Can you re-look at this?
Thanks!
Dan
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.0.5
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing the signature that was received. In this way the initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However, there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.