Aslak Os created WSS-506:
----------------------------
Summary: Wss4jSecurityInterceptor.verifyCertificateTrust does not
respect validators from WSSConfig
Key: WSS-506
URL: https://issues.apache.org/jira/browse/WSS-506
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 2.0.1
Reporter: Aslak Os
Assignee: Colm O hEigeartaigh
While working on a custom certificate trust system. I discovert that in order
to supply a custom validator of trust i had to both set it in WSSConfig and
override the verifyCertificateTrust method.
The reason is that the verifyCertificateTrust instansiate a Validator hardcoded
by name useing its constructor.
I would assume and prefer that it used the configuration set in WSSConfig. How
ever it could be that this is done intentionally.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
