Yes, please submit a patch for this. Colm.
On Thu, Jun 13, 2013 at 3:53 PM, <[email protected]> wrote: > Hi, > > We have hit a limitation in PolicyBasedWSS4JOutInterceptor which hard > codes mustUnderstand = true (line 99). This is configurable in the > WSS4JOutInterceptor today, but not when using policy. > > public void handleMessage(SoapMessage message) throws Fault { > Collection<AssertionInfo> ais; > SOAPMessage saaj = message.getContent(SOAPMessage.class); > > boolean mustUnderstand = true; > String actor = null; > > Obviously this makes sense in most cases, but we have some intermediaries > which do not understand security... > > Would you accept a patch to have this configurable, for instance by > creating a new property in SecurityConstants (for instance > ws-security.mustsunderstand) and default to true? > > Best regards, > > Oddbjørn > > ___________________________________________________________________________________________ > Oddbjørn Heimdal > Accenture Technology Consulting - Security > Snarøyveien 30, P.O. Box 363, 1326 Lysaker, Norway > Mobile: +47 99 72 19 12 > Email: [email protected]<mailto: > [email protected]> > > > ________________________________ > This message is for the designated recipient only and may contain > privileged, proprietary, or otherwise confidential information. If you have > received it in error, please notify the sender immediately and delete the > original. Any other use of the e-mail by you is prohibited. > > Where allowed by local law, electronic communications with Accenture and > its affiliates, including e-mail and instant messaging (including content), > may be scanned by our systems for the purposes of information security and > assessment of internal compliance with Accenture policy. > > > ______________________________________________________________________________________ > > www.accenture.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
