[
https://issues.apache.org/jira/browse/CXF-4595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13482197#comment-13482197
]
Colm O hEigeartaigh commented on CXF-4595:
------------------------------------------
Hi Jason,
I don't like the approach you've taken in the patch - the
HttpsTokenInInterceptor should not throw an exception in case there are other
policy alternatives that may work.
I think the best approach is just to remove the assertPolicy(aim,
binding.getTransportToken().getToken()); line from the
TransportBindingPolicyValidator.
Colm.
> RequireClientCertificate is not validated
> -----------------------------------------
>
> Key: CXF-4595
> URL: https://issues.apache.org/jira/browse/CXF-4595
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.7.0
> Reporter: Jason Pell
> Attachments: patch.txt, PolicySample.tar.gz
>
>
> I can execute a web service which has a RequireClientCertificate="true"
> policy in the transport binding, the problem is that my client is not
> providing a certificate.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
