You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "todd wolff (JIRA)" <ji...@apache.org> on 2010/03/23 21:55:27 UTC

[jira] Created: (RAMPART-289) PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens

PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens
---------------------------------------------------------------------------------------------------------------------------

                 Key: RAMPART-289
                 URL: https://issues.apache.org/jira/browse/RAMPART-289
             Project: Rampart
          Issue Type: Bug
    Affects Versions: 1.5
            Reporter: todd wolff
            Assignee: Ruchith Udayanga Fernando


When encrypting/signing a request using supporting tokens, PolicyBasedResultsValidator incorrectly invalidates and throws an exception.  This class also incorrectly invalidates encrypted supporting tokens.  I am attaching a patch which fixes problem.  Note that this patch also includes modifications related to issue RAMPART-278.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (RAMPART-289) PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens

Posted by "todd wolff (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/RAMPART-289?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

todd wolff updated RAMPART-289:
-------------------------------

    Attachment: SupportingTokens.patch

This patch includes fixes for requests which contain encrypted tokens and/or an encrypted message signature.  The validator incorrectly fails when protection order is encrypt before signing and either of the above actions are present.

> PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-289
>                 URL: https://issues.apache.org/jira/browse/RAMPART-289
>             Project: Rampart
>          Issue Type: Bug
>    Affects Versions: 1.5
>            Reporter: todd wolff
>            Assignee: Ruchith Udayanga Fernando
>         Attachments: SupportingTokens.patch, SupportingTokens.patch
>
>
> When encrypting/signing a request using supporting tokens, PolicyBasedResultsValidator incorrectly invalidates and throws an exception.  This class also incorrectly invalidates encrypted supporting tokens.  I am attaching a patch which fixes problem.  Note that this patch also includes modifications related to issue RAMPART-278.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (RAMPART-289) PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens

Posted by "todd wolff (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/RAMPART-289?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

todd wolff updated RAMPART-289:
-------------------------------

    Attachment: SupportingTokens.patch

> PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens
> ---------------------------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-289
>                 URL: https://issues.apache.org/jira/browse/RAMPART-289
>             Project: Rampart
>          Issue Type: Bug
>    Affects Versions: 1.5
>            Reporter: todd wolff
>            Assignee: Ruchith Udayanga Fernando
>         Attachments: SupportingTokens.patch
>
>
> When encrypting/signing a request using supporting tokens, PolicyBasedResultsValidator incorrectly invalidates and throws an exception.  This class also incorrectly invalidates encrypted supporting tokens.  I am attaching a patch which fixes problem.  Note that this patch also includes modifications related to issue RAMPART-278.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.