[jira] [Created] (CXF-3630) WSS4JIn Interceptor Issue

Fri, 01 Jul 2011 14:55:52 -0700 

WSS4JIn     Interceptor   Issue
-------------------------------

                 Key: CXF-3630
                 URL: https://issues.apache.org/jira/browse/CXF-3630
             Project: CXF
          Issue Type: Bug
          Components: WS-* Components
    Affects Versions: 2.4
            Reporter: Srinivasa Kukatla


WSS4JInInterceptor does not assert the policies. Hence I had to use the 
PolicyBasedWSS4JInInterceptor, but it does not have the constructor. Hence I 
had to add the constructor. Here is another problem:

I need the following requirement, Saml Assertion needs to be signed, Timestamp 
needs to be signed:

But, on the wss4jOutInterceptor, if I say Timestamp, SAMLTokenSigned, and 
Signature, the actions are mismatching. Hence i had to use only the first two 
actions.


<constructor-arg>
            <map>
                <entry key="action" value="Timestamp SAMLTokenSigned"/>
                <entry key="timeToLive" 
value="${timestamp.expiration.property}"/>
                <entry key="user" value="${client.signature.username}"/>
                <entry>
                                                <key>
                                                
<value>passwordCallbackRef</value>
                                                </key>
                                                <ref 
bean="passwordCallBackHandler"/>
                                </entry>
                <entry key="passwordType" value="PasswordDigest" />
                <entry key="samlPropFile" value="${client.saml.properties}"/>
                <entry key="signaturePropFile" 
value="${client.signature.properties}" />
                <entry key="signatureAlgorithm" 
value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
                <entry key="signatureDigestAlgorithm" 
value="http://www.w3.org/2000/09/xmldsig#sha1"; />
                <entry key="signatureParts" 
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"/>
           </map>
        </constructor-arg>

But, on the WSS4JInInterceptor, I needed to configure 3 actions as shown below:

<constructor-arg>
            <map>
                <entry key="action" value="Timestamp SAMLTokenSigned Signature 
"/>
                <entry key="timeToLive" 
value="${timestamp.expiration.property}"/>
                <entry key="passwordType" value="PasswordDigest" />
                <entry key="signaturePropFile" 
value="${server.signature.properties}" />
                <entry key="signatureAlgorithm" 
value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
                <entry key="signatureDigestAlgorithm" 
value="http://www.w3.org/2000/09/xmldsig#sha1"; />
                <entry key="signatureParts" 
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"/>
                <entry key="enableSignatureConfirmation" value="true" />
           </map>
        </constructor-arg>




--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to