You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Narayan S Dhillon (JIRA)" <ji...@apache.org> on 2008/02/13 19:13:08 UTC
[jira] Updated: (RAMPART-141) Issue of Rampart not supporting
X509PKIPathv1 token
[ https://issues.apache.org/jira/browse/RAMPART-141?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Narayan S Dhillon updated RAMPART-141:
--------------------------------------
Description:
*Issue: Rampart doesnt support X509 certification path token type X509PKIPathv1.
*Example:
If I use following ws-policy, Rampart still generates the SOAP message with X509V3 token.
**policy:
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509PkiPathV1Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
**Security token generated:
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-1813950">MIIC...g==</wsse:BinarySecurityToken>
*Resolution:
org.apache.rampart.builder.BindingBuilder.getSignatureBuider(..) should set org.apache.ws.security.message.WSSecSignature.useSingleCert to false if token type is Constants.WSS_X509_PKI_PATH_V1_TOKEN10 or
Constants.WSS_X509_PKI_PATH_V1_TOKEN11
was:
Issue: Rampart doesnt support X509 certification path token type X509PKIPathv1.
Example:
If I use following ws-policy, Rampart still generates the SOAP message with X509V3 token.
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssX509PkiPathV1Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
> Issue of Rampart not supporting X509PKIPathv1 token
> ---------------------------------------------------
>
> Key: RAMPART-141
> URL: https://issues.apache.org/jira/browse/RAMPART-141
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.3
> Reporter: Narayan S Dhillon
>
> *Issue: Rampart doesnt support X509 certification path token type X509PKIPathv1.
> *Example:
> If I use following ws-policy, Rampart still generates the SOAP message with X509V3 token.
> **policy:
> <sp:AsymmetricBinding>
> <wsp:Policy>
> <sp:InitiatorToken>
> <wsp:Policy>
> <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> <wsp:Policy>
> <sp:WssX509PkiPathV1Token10/>
> </wsp:Policy>
> </sp:X509Token>
> </wsp:Policy>
> </sp:InitiatorToken>
> **Security token generated:
> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-1813950">MIIC...g==</wsse:BinarySecurityToken>
> *Resolution:
> org.apache.rampart.builder.BindingBuilder.getSignatureBuider(..) should set org.apache.ws.security.message.WSSecSignature.useSingleCert to false if token type is Constants.WSS_X509_PKI_PATH_V1_TOKEN10 or
> Constants.WSS_X509_PKI_PATH_V1_TOKEN11
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.