Marc/Colm,
Started looking into the wss4j2 integration stuff on Colms branch in CXF and
have a question:
In CXF, we have a few places where we're a little more "relaxed" during parsing
since most of the policies that out there may not be 100% correct. The first
example I hit was the ws:Policy child element in an HttpsToken. wss4j2 throws
an exception in this case whereas CXF logs a warning and continues. What are
your thoughts on this? Should we be completely strict or accept the
technically invalid policies that are very common? Changing the code in
HttpsBuilder to:
Policy nestedPolicy;
if (nestedPolicyElement == null) {
//throw new IllegalArgumentException("sp:HttpsToken must have an
inner wsp:Policy element");
nestedPolicy = new Policy();
} else {
nestedPolicy =
factory.getPolicyEngine().getPolicy(nestedPolicyElement);
}
seems to work fine. Likely should have a LOG in there…..
Also, any objections if I go through the code and remove the @author and
@version tags? Highly discouraged at Apache…. but the $Author$ and $Revision$
things and such don't get expanded with git. :-)
Thoughts?
--
Daniel Kulp
[email protected] - http://dankulp.com/blog
Talend Community Coder - http://coders.talend.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
