[
https://issues.apache.org/jira/browse/WSS-454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Colm O hEigeartaigh closed WSS-454.
-----------------------------------
> TokenProtection error
> ---------------------
>
> Key: WSS-454
> URL: https://issues.apache.org/jira/browse/WSS-454
> Project: WSS4J
> Issue Type: Bug
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
> Fix For: 2.0.0
>
>
> There appears to be an error with the recent fix for "Never" Token Inclusion
> in a certain scenario. The security policy is an AsymmetricBinding with a
> SignedSupportingToken which is a KerberosToken. I get the error:
> SEVERE:
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding
> not satisfied: Token
> /{http://schemas.xmlsoap.org/soap/envelope/}Envelope/{http://schemas.xmlsoap.org/soap/envelope/}Header/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security/{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken
> must not be signed by its signature.
> The Signature's KeyInfo is:
> <ds:KeyInfo
> Id="KI-cc3555a2-8d19-4f1e-82b2-bfc89b180cb4"><wsse:SecurityTokenReference
> wsu:Id="STR-4da957ee-8518-4aea-86fd-c8f27d7a48e7"><wsse:Reference
> URI="#X509-1e20c453-8f40-47dc-a594-1721f046ea2c"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo>
> and it references the Kerberos BST as:
> <ds:Reference URI="#BST-e2f17d3f-4022-430b-a185-5d565012e34b">
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
