You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Prabath Siriwardena (JIRA)" <ji...@apache.org> on 2010/02/23 03:43:27 UTC

[jira] Updated: (RAMPART-286) Support for WS Policy optionality on WS Security assertions

     [ https://issues.apache.org/jira/browse/RAMPART-286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Prabath Siriwardena updated RAMPART-286:
----------------------------------------

    Description: 
Support for WS Policy "Optional" attribute on the following WS Security Policy assertions: 

1. <sp:IncludeTimestamp> 
2. <sp:UsernameToken> 
3. <sp:SignedParts> / <sp:Body> 
4. <sp:EncryptedParts> / <sp:Body> 
5. <sp:SupportingTokens> / <sp:X509Token> 

The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken: 

<wsp:Policy ...> 
    <sp:UsernameToken wsp:Optional="true" .../> 
</wsp:Policy> 

and request does not contain an UsernameToken, no error should be generated.

  was:
sSupport for WS Policy "Optional" attribute on the following WS Security Policy assertions: 

1. <sp:IncludeTimestamp> 
2. <sp:UsernameToken> 
3. <sp:SignedParts> / <sp:Body> 
4. <sp:EncryptedParts> / <sp:Body> 
5. <sp:SupportingTokens> / <sp:X509Token> 

The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken: 

<wsp:Policy ...> 
    <sp:UsernameToken wsp:Optional="true" .../> 
</wsp:Policy> 

and request does not contain an UsernameToken, no error should be generated.


> Support for WS Policy optionality on WS Security assertions
> -----------------------------------------------------------
>
>                 Key: RAMPART-286
>                 URL: https://issues.apache.org/jira/browse/RAMPART-286
>             Project: Rampart
>          Issue Type: New Feature
>            Reporter: Prabath Siriwardena
>            Assignee: Ruchith Udayanga Fernando
>
> Support for WS Policy "Optional" attribute on the following WS Security Policy assertions: 
> 1. <sp:IncludeTimestamp> 
> 2. <sp:UsernameToken> 
> 3. <sp:SignedParts> / <sp:Body> 
> 4. <sp:EncryptedParts> / <sp:Body> 
> 5. <sp:SupportingTokens> / <sp:X509Token> 
> The optional processing would instruct the Rampart Policy-based validation to skip validating any of the above policy assertions if they are marked as optional, for example if having an optional UsernameToken: 
> <wsp:Policy ...> 
>     <sp:UsernameToken wsp:Optional="true" .../> 
> </wsp:Policy> 
> and request does not contain an UsernameToken, no error should be generated.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.