[
https://issues.apache.org/jira/browse/CXF-5046?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13669358#comment-13669358
]
Colm O hEigeartaigh commented on CXF-5046:
------------------------------------------
Could you also attach the policy that is not working correctly?
Colm.
> EncryptedSupportingTokens used with EncryptBeforeSigning does not encrypt
> Username token
> ----------------------------------------------------------------------------------------
>
> Key: CXF-5046
> URL: https://issues.apache.org/jira/browse/CXF-5046
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.6.2, 2.7.5
> Environment: All platforms
> Reporter: Syed Abdul Wadood
> Labels: patch
> Fix For: 2.6.8, 2.6.9
>
> Attachments: asymbind_patch.txt,
> encrypted_supporting_tokens_policy.xml
>
> Original Estimate: 72h
> Remaining Estimate: 72h
>
> In some cases, the <EncryptedSupportingTokens> policy assertion does not
> encrypt the supporting token. When the policy contains the
> <EncryptBeforeSigning> assertion, <SignedParts> and <EncryptedParts>
> assertions along with the <EncryptedSupportingTokens> assertion for a
> username token, the username token is not encrypted in the outbound SOAP
> message.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
