You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Prabath Siriwardena (JIRA)" <ji...@apache.org> on 2010/02/23 03:43:27 UTC
[jira] Created: (RAMPART-286) Support for WS Policy optionality on
WS Security assertions
Support for WS Policy optionality on WS Security assertions
-----------------------------------------------------------
Key: RAMPART-286
URL: https://issues.apache.org/jira/browse/RAMPART-286
Project: Rampart
Issue Type: New Feature
Reporter: Prabath Siriwardena
Assignee: Ruchith Udayanga Fernando
sSupport for WS Policy "Optional" attribute on the following WS Security Policy assertions:
1. <sp:IncludeTimestamp>
2. <sp:UsernameToken>
3. <sp:SignedParts> / <sp:Body>
4. <sp:EncryptedParts> / <sp:Body>
5. <sp:SupportingTokens> / <sp:X509Token>
The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken:
<wsp:Policy ...>
<sp:UsernameToken wsp:Optional="true" .../>
</wsp:Policy>
and request does not contain an UsernameToken, no error should be generated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-286) Support for WS Policy optionality
on WS Security assertions
Posted by "Alexey Ilyin (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-286?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12846399#action_12846399 ]
Alexey Ilyin commented on RAMPART-286:
--------------------------------------
Once more addition for this issue:
If UsernameToken is optional and we don't set username in config or Options
Client should skip this assertion and don't add UsernameToken.
> Support for WS Policy optionality on WS Security assertions
> -----------------------------------------------------------
>
> Key: RAMPART-286
> URL: https://issues.apache.org/jira/browse/RAMPART-286
> Project: Rampart
> Issue Type: New Feature
> Reporter: Prabath Siriwardena
> Assignee: Ruchith Udayanga Fernando
>
> Support for WS Policy "Optional" attribute on the following WS Security Policy assertions:
> 1. <sp:IncludeTimestamp>
> 2. <sp:UsernameToken>
> 3. <sp:SignedParts> / <sp:Body>
> 4. <sp:EncryptedParts> / <sp:Body>
> 5. <sp:SupportingTokens> / <sp:X509Token>
> The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken:
> <wsp:Policy ...>
> <sp:UsernameToken wsp:Optional="true" .../>
> </wsp:Policy>
> and request does not contain an UsernameToken, no error should be generated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-286) Support for WS Policy optionality on
WS Security assertions
Posted by "Prabath Siriwardena (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Prabath Siriwardena updated RAMPART-286:
----------------------------------------
Description:
Support for WS Policy "Optional" attribute on the following WS Security Policy assertions:
1. <sp:IncludeTimestamp>
2. <sp:UsernameToken>
3. <sp:SignedParts> / <sp:Body>
4. <sp:EncryptedParts> / <sp:Body>
5. <sp:SupportingTokens> / <sp:X509Token>
The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken:
<wsp:Policy ...>
<sp:UsernameToken wsp:Optional="true" .../>
</wsp:Policy>
and request does not contain an UsernameToken, no error should be generated.
was:
sSupport for WS Policy "Optional" attribute on the following WS Security Policy assertions:
1. <sp:IncludeTimestamp>
2. <sp:UsernameToken>
3. <sp:SignedParts> / <sp:Body>
4. <sp:EncryptedParts> / <sp:Body>
5. <sp:SupportingTokens> / <sp:X509Token>
The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken:
<wsp:Policy ...>
<sp:UsernameToken wsp:Optional="true" .../>
</wsp:Policy>
and request does not contain an UsernameToken, no error should be generated.
> Support for WS Policy optionality on WS Security assertions
> -----------------------------------------------------------
>
> Key: RAMPART-286
> URL: https://issues.apache.org/jira/browse/RAMPART-286
> Project: Rampart
> Issue Type: New Feature
> Reporter: Prabath Siriwardena
> Assignee: Ruchith Udayanga Fernando
>
> Support for WS Policy "Optional" attribute on the following WS Security Policy assertions:
> 1. <sp:IncludeTimestamp>
> 2. <sp:UsernameToken>
> 3. <sp:SignedParts> / <sp:Body>
> 4. <sp:EncryptedParts> / <sp:Body>
> 5. <sp:SupportingTokens> / <sp:X509Token>
> The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken:
> <wsp:Policy ...>
> <sp:UsernameToken wsp:Optional="true" .../>
> </wsp:Policy>
> and request does not contain an UsernameToken, no error should be generated.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.