You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ws.apache.org by "Colm O hEigeartaigh (Closed) (JIRA)" <ji...@apache.org> on 2011/10/03 11:04:40 UTC

[jira] [Closed] (WSS-57) [PROPOSAL] Add additional information to WSSecurityEngineResult, to enhance enforce-ability of policy

     [ https://issues.apache.org/jira/browse/WSS-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed WSS-57.
----------------------------------

    
> [PROPOSAL] Add additional information to WSSecurityEngineResult, to enhance enforce-ability of policy
> -----------------------------------------------------------------------------------------------------
>
>                 Key: WSS-57
>                 URL: https://issues.apache.org/jira/browse/WSS-57
>             Project: WSS4J
>          Issue Type: Improvement
>            Reporter: Fred Dushin
>            Assignee: Davanum Srinivas
>         Attachments: WSS-57.patch, wss-57.patch
>
>
> Currently, the WSSecurityEngineResult type yeilds the following information, when returned after processing security headers in a message:
>  * the action performed (signature or encryption)
>  * a representation of the received identity, encapsulated in a java.security.Principal
>  * the recieved certificate, in the case of singing
>  * the operative SAML assertion (if applicable)
>  * any timestamp information (if applicable)
>  * a set of wsu:ids, representing the signed elements (
>  * the signature
>  * the signature confirmation
> It would be useful to also get a reference to the DOM elements that were signed or encrypted, as well.
> I would propose that instead of defining a *Results object, we instead generalize the type to something like a Map, which has the advantage that we can add information through the returned structure without having to modify an otherwise potentially brittle type.  All we then need to do is provide constants for the tags we use to select these values from the map, and document, accordingly.
> A patch will be submitted separately.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org