You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Thilina Buddhika (JIRA)" <ji...@apache.org> on 2010/12/21 13:36:00 UTC
[jira] Updated: (RAMPART-119) Invalid behavior when empty
element present in the policy
[ https://issues.apache.org/jira/browse/RAMPART-119?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thilina Buddhika updated RAMPART-119:
-------------------------------------
Attachment: RAMPART-119.patch
Attaching to updated patch for the current revision of the trunk.
> Invalid behavior when empty <sp:SignedParts/> element present in the policy
> ---------------------------------------------------------------------------
>
> Key: RAMPART-119
> URL: https://issues.apache.org/jira/browse/RAMPART-119
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Nandana Mihindukulasooriya
> Assignee: Nandana Mihindukulasooriya
> Attachments: RAMPART-119.patch, RAMPART119.patch
>
>
> According to the ws - security policy specification 1.1 , 5.1.1 Signed Parts Assertion
> This assertion specifies the parts of the message that need integrity protection. If no child elements are specified, all message headers targeted at the UltimateReceiver role [SOAP12] or actor [SOAP11] and the body of the message MUST be integrity protected.
> So for an empty signed parts element, we have to sign all the message headers. At current we don't sign any header if signed parts element is empty.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org