[jira] [Closed] (WSS-57) [PROPOSAL] Add additional information to WSSecurityEngineResult, to enhance enforce-ability of policy

Mon, 03 Oct 2011 02:06:42 -0700 

     [ 
https://issues.apache.org/jira/browse/WSS-57?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Colm O hEigeartaigh closed WSS-57.
----------------------------------

    
> [PROPOSAL] Add additional information to WSSecurityEngineResult, to enhance 
> enforce-ability of policy
> -----------------------------------------------------------------------------------------------------
>
>                 Key: WSS-57
>                 URL: https://issues.apache.org/jira/browse/WSS-57
>             Project: WSS4J
>          Issue Type: Improvement
>            Reporter: Fred Dushin
>            Assignee: Davanum Srinivas
>         Attachments: WSS-57.patch, wss-57.patch
>
>
> Currently, the WSSecurityEngineResult type yeilds the following information, 
> when returned after processing security headers in a message:
>  * the action performed (signature or encryption)
>  * a representation of the received identity, encapsulated in a 
> java.security.Principal
>  * the recieved certificate, in the case of singing
>  * the operative SAML assertion (if applicable)
>  * any timestamp information (if applicable)
>  * a set of wsu:ids, representing the signed elements (
>  * the signature
>  * the signature confirmation
> It would be useful to also get a reference to the DOM elements that were 
> signed or encrypted, as well.
> I would propose that instead of defining a *Results object, we instead 
> generalize the type to something like a Map, which has the advantage that we 
> can add information through the returned structure without having to modify 
> an otherwise potentially brittle type.  All we then need to do is provide 
> constants for the tags we use to select these values from the map, and 
> document, accordingly.
> A patch will be submitted separately.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to