[jira] [Closed] (WSS-454) TokenProtection error

["Colm O hEigeartaigh (JIRA)" <ji...@apache.org>]

     [ https://issues.apache.org/jira/browse/WSS-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed WSS-454.
-----------------------------------


> TokenProtection error
> ---------------------
>
>                 Key: WSS-454
>                 URL: https://issues.apache.org/jira/browse/WSS-454
>             Project: WSS4J
>          Issue Type: Bug
>            Reporter: Colm O hEigeartaigh
>            Assignee: Marc Giger
>             Fix For: 2.0.0
>
>
> There appears to be an error with the recent fix for "Never" Token Inclusion in a certain scenario. The security policy is an AsymmetricBinding with a SignedSupportingToken which is a KerberosToken. I get the error:
> SEVERE: {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding not satisfied: Token /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken must not be signed by its signature.
> The Signature's KeyInfo is:
> <ds:KeyInfo Id="KI-cc3555a2-8d19-4f1e-82b2-bfc89b180cb4"><wsse:SecurityTokenReference wsu:Id="STR-4da957ee-8518-4aea-86fd-c8f27d7a48e7"><wsse:Reference URI="#X509-1e20c453-8f40-47dc-a594-1721f046ea2c" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo>
> and it references the Kerberos BST as:
> <ds:Reference URI="#BST-e2f17d3f-4022-430b-a185-5d565012e34b">



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org