I don't think a unit test is needed, as it's just setting a single attribute. I will take care of the "ACTOR" attribute as part of this task.
Colm. On Fri, Jun 14, 2013 at 2:11 PM, <[email protected]> wrote: > Hi, > > I have submitted a patch to the jira issue, CXF-5079, and we have > verified the solution in our environment. > > Do we require a unit test and if so - any ideas on how this should be done? > > It also seems like SOAP actor is hardcoded, maybe we should consider a > similar patch for this as well? > > Best regards, > > /Oddbjørn > > > ___________________________________________________________________________________________ > Oddbjørn Heimdal > Accenture Technology Consulting - Security > Snarøyveien 30, P.O. Box 363, 1326 Lysaker, Norway > Mobile: +47 99 72 19 12 > Email: [email protected] > > -----Original Message----- > From: Colm O hEigeartaigh [mailto:[email protected]] > Sent: 13. June 2013 17:07 > To: [email protected] > Subject: Re: Mustunderstand hardcodes = true in > PolicyBasedWSS4JOutInterceptor > > Yes, please submit a patch for this. > > Colm. > > > On Thu, Jun 13, 2013 at 3:53 PM, <[email protected]> wrote: > > > Hi, > > > > We have hit a limitation in PolicyBasedWSS4JOutInterceptor which hard > > codes mustUnderstand = true (line 99). This is configurable in the > > WSS4JOutInterceptor today, but not when using policy. > > > > public void handleMessage(SoapMessage message) throws Fault { > > Collection<AssertionInfo> ais; > > SOAPMessage saaj = message.getContent(SOAPMessage.class); > > > > boolean mustUnderstand = true; > > String actor = null; > > > > Obviously this makes sense in most cases, but we have some > > intermediaries which do not understand security... > > > > Would you accept a patch to have this configurable, for instance by > > creating a new property in SecurityConstants (for instance > > ws-security.mustsunderstand) and default to true? > > > > Best regards, > > > > Oddbjørn > > > > ______________________________________________________________________ > > _____________________ > > Oddbjørn Heimdal > > Accenture Technology Consulting - Security Snarøyveien 30, P.O. Box > > 363, 1326 Lysaker, Norway > > Mobile: +47 99 72 19 12 > > Email: [email protected]<mailto: > > [email protected]> > > > > > > ________________________________ > > This message is for the designated recipient only and may contain > > privileged, proprietary, or otherwise confidential information. If you > > have received it in error, please notify the sender immediately and > > delete the original. Any other use of the e-mail by you is prohibited. > > > > Where allowed by local law, electronic communications with Accenture > > and its affiliates, including e-mail and instant messaging (including > > content), may be scanned by our systems for the purposes of > > information security and assessment of internal compliance with > Accenture policy. > > > > > > ______________________________________________________________________ > > ________________ > > > > www.accenture.com > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > > This message is for the designated recipient only and may contain > privileged, proprietary, or otherwise confidential information. If you have > received it in error, please notify the sender immediately and delete the > original. Any other use of the e-mail by you is prohibited. > > Where allowed by local law, electronic communications with Accenture and > its affiliates, including e-mail and instant messaging (including content), > may be scanned by our systems for the purposes of information security and > assessment of internal compliance with Accenture policy. > > > ______________________________________________________________________________________ > > www.accenture.com > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
