[
https://issues.apache.org/jira/browse/CXF-4516?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13461696#comment-13461696
]
Colm O hEigeartaigh commented on CXF-4516:
------------------------------------------
There are no assertion builders for any of the Require* assertions, as they are
already taken care of by the corresponding parent assertion. For example,
RequireEmbeddedTokenReference is already set on the X509Token model by the
X509TokenBuilder.
The problem is that no validation is done on the Require* assertions at the
moment, so if you want to enforce it, I suggest looking into this instead.
> Want WS-SecurityPolicy assertion builder for RequireEmbeddedTokenReference
> --------------------------------------------------------------------------
>
> Key: CXF-4516
> URL: https://issues.apache.org/jira/browse/CXF-4516
> Project: CXF
> Issue Type: Improvement
> Components: WS-* Components
> Affects Versions: 2.6.2
> Reporter: Chris Owens
> Priority: Minor
> Labels: Policy, WS-SecurityPolicy
>
> There do not appear to be WS-SecurityPolicy assertion builders for any of the
> Require<foo>Reference assertions, e.g. RequireEmbeddedTokenReference.
> I would be happy to start poking at this if someone would give me a 5 minute
> roadmap. I believe what needs to happen is in
> /cxf/trunk/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/builders;
> add a new assertion builder class that would be picked up by
> WSSecurityPolicyLoader; I can sort of guess by looking at the others what an
> AssertionBuilder is supposed to do, but there is probably more to it.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
