You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2012/08/02 16:07:02 UTC
[jira] [Created] (CXF-4453) Make the CryptoCoverageChecker easier
to use for common signature verification use-cases
Colm O hEigeartaigh created CXF-4453:
----------------------------------------
Summary: Make the CryptoCoverageChecker easier to use for common signature verification use-cases
Key: CXF-4453
URL: https://issues.apache.org/jira/browse/CXF-4453
Project: CXF
Issue Type: Improvement
Components: WS-* Components
Affects Versions: 2.6.1, 2.5.4, 2.4.8
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 2.4.9, 2.5.5, 2.6.2
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CXF-4453) Make the CryptoCoverageChecker easier
to use for common signature verification and decryption use-cases
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated CXF-4453:
-------------------------------------
Description:
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, that the Timestamp is signed, and that the WS-Addressing ReplyTo and FaultTo headers are signed (if they are present in the message payload).
was:
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, and that the Timestamp is signed.
> Make the CryptoCoverageChecker easier to use for common signature verification and decryption use-cases
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-4453
> URL: https://issues.apache.org/jira/browse/CXF-4453
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.4.8, 2.5.4, 2.6.1
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.9, 2.5.5, 2.6.2
>
>
> The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
> A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, that the Timestamp is signed, and that the WS-Addressing ReplyTo and FaultTo headers are signed (if they are present in the message payload).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (CXF-4453) Make the CryptoCoverageChecker easier
to use for common signature verification and decryption use-cases
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh updated CXF-4453:
-------------------------------------
Description:
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, and that the Timestamp is signed.
was:
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
Summary: Make the CryptoCoverageChecker easier to use for common signature verification and decryption use-cases (was: Make the CryptoCoverageChecker easier to use for common signature verification use-cases)
> Make the CryptoCoverageChecker easier to use for common signature verification and decryption use-cases
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-4453
> URL: https://issues.apache.org/jira/browse/CXF-4453
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.4.8, 2.5.4, 2.6.1
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.9, 2.5.5, 2.6.2
>
>
> The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
> A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, and that the Timestamp is signed.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CXF-4453) Make the CryptoCoverageChecker easier
to use for common signature verification and decryption use-cases
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-4453.
--------------------------------------
Resolution: Fixed
> Make the CryptoCoverageChecker easier to use for common signature verification and decryption use-cases
> -------------------------------------------------------------------------------------------------------
>
> Key: CXF-4453
> URL: https://issues.apache.org/jira/browse/CXF-4453
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.4.8, 2.5.4, 2.6.1
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.4.9, 2.5.5, 2.6.2
>
>
> The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted actually were. However, for some common use-cases based around signature verification or decryption it is slightly complex to set up, as it involves adding XPath expressions, as well as the corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to make it easier to use for some common use-cases.
> A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide an easy way to make sure that the SOAP Body is signed or encrypted, that the Timestamp is signed, and that the WS-Addressing ReplyTo and FaultTo headers are signed (if they are present in the message payload).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira