You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "Stefan Vladov (JIRA)" <ji...@apache.org> on 2012/09/19 15:34:07 UTC
[jira] [Updated] (RAMPART-390) SupportingToken assertions do not
support multiple nested protection assertions
[ https://issues.apache.org/jira/browse/RAMPART-390?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Vladov updated RAMPART-390:
----------------------------------
Attachment: SupportingTokenPatch.txt
Attached suggested patch.
The solution is quite simple - currently when serializing the SupportingToken rampart will go
if (signedParts != null) { ...
} else if (signedElements != null) { ...
} else if (encryptedParts != null) { ...
} else if (encryptedElements != null) { ...
}
basically the "else"-s need to be removed :)
> SupportingToken assertions do not support multiple nested protection assertions
> -------------------------------------------------------------------------------
>
> Key: RAMPART-390
> URL: https://issues.apache.org/jira/browse/RAMPART-390
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.6.2
> Reporter: Stefan Vladov
> Priority: Minor
> Attachments: SupportingTokenPatch.txt
>
>
> The SupportingToken class in the rampart-policy component will only handle one of the following protection assertions:
> - SignedParts
> - SignedElements
> - EncryptedParts
> - EncryptedElements
> According to the specification several of these may appear in a supporting token policy (for example:
> <sp:EncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always">
> <wsp:Policy>
> <sp:WssX509V3Token10 />
> </wsp:Policy>
> </sp:X509Token>
>
> <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:Body />
> <sp:Header Namespace="http://localhost/HeaderNS_1" Name="HeaderLocal_1" />
> <sp:Header Namespace="http://localhost/HeaderNS_2" />
> </sp:SignedParts>
>
> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
> <sp:Body />
> <sp:Header Namespace="http://localhost/HeaderNS_2" />
> </sp:EncryptedParts>
> </wsp:Policy>
> </sp:EncryptedSupportingTokens>
> )
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org