You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2010/11/29 17:45:12 UTC

[jira] Created: (WSS-255) Add support for enforcing a text or digest password type when processing a UsernameToken

Add support for enforcing a text or digest password type when processing a UsernameToken
----------------------------------------------------------------------------------------

                 Key: WSS-255
                 URL: https://issues.apache.org/jira/browse/WSS-255
             Project: WSS4J
          Issue Type: New Feature
    Affects Versions: 1.5.9
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 1.6



The UsernameTokenProcessor does not currently enforce the "passwordType" property on the inbound side. This task is to add a configuration switch (default to false for backwards compatibility) which enforces the "passwordType" property on an inbound Username Token. This functionality gives the receiver the ability to make sure that the received token is e.g. password digest, and not plaintext.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[jira] Closed: (WSS-255) Add support for enforcing a text or digest password type when processing a UsernameToken

Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/WSS-255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed WSS-255.
-----------------------------------


> Add support for enforcing a text or digest password type when processing a UsernameToken
> ----------------------------------------------------------------------------------------
>
>                 Key: WSS-255
>                 URL: https://issues.apache.org/jira/browse/WSS-255
>             Project: WSS4J
>          Issue Type: New Feature
>    Affects Versions: 1.5.9
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.6
>
>
> The UsernameTokenProcessor does not currently enforce the "passwordType" property on the inbound side. This task is to add a configuration switch (default to false for backwards compatibility) which enforces the "passwordType" property on an inbound Username Token. This functionality gives the receiver the ability to make sure that the received token is e.g. password digest, and not plaintext.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[jira] Resolved: (WSS-255) Add support for enforcing a text or digest password type when processing a UsernameToken

Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/WSS-255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved WSS-255.
-------------------------------------

    Resolution: Fixed

> Add support for enforcing a text or digest password type when processing a UsernameToken
> ----------------------------------------------------------------------------------------
>
>                 Key: WSS-255
>                 URL: https://issues.apache.org/jira/browse/WSS-255
>             Project: WSS4J
>          Issue Type: New Feature
>    Affects Versions: 1.5.9
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 1.6
>
>
> The UsernameTokenProcessor does not currently enforce the "passwordType" property on the inbound side. This task is to add a configuration switch (default to false for backwards compatibility) which enforces the "passwordType" property on an inbound Username Token. This functionality gives the receiver the ability to make sure that the received token is e.g. password digest, and not plaintext.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org