[
https://issues.apache.org/jira/browse/CXF-6343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14497798#comment-14497798
]
ASF GitHub Bot commented on CXF-6343:
-------------------------------------
GitHub user spark404 opened a pull request:
https://github.com/apache/cxf/pull/66
CXF-6343 Support and parse EncryptedHeader
Pull request for the master branch.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/spark404/cxf CXF-6343-master
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cxf/pull/66.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #66
----
commit dcfe0bb598ecb7f1b44e4e0fec7b4fabd91ab2ad
Author: Hugo Trippaers <[email protected]>
Date: 2015-04-10T08:29:06Z
[CXF-6343] Add test cases to validate handling of EncryptedHeader tags
commit 4ccac09c38693cf73d8f8af9ebdbef473f6d0130
Author: Hugo Trippaers <[email protected]>
Date: 2015-04-10T08:30:07Z
[CXF-6343] Change Element to Header for header parts that should be
encrypted
commit c24219fa2a747e82cb65222196dc7ac91648f01b
Author: Hugo Trippaers <[email protected]>
Date: 2015-04-10T10:31:09Z
[CXF-6343] Remove debug statement from the code
commit 7482683ade6f2ef44a530ececa70c36439070ada
Author: Hugo Trippaers <[email protected]>
Date: 2015-04-10T10:31:45Z
[CXF-6343] Make the MustUnderstandInterceptor give a positive response on
EncryptedHeader
----
> EncryptedHeader not properly processed or generated
> ---------------------------------------------------
>
> Key: CXF-6343
> URL: https://issues.apache.org/jira/browse/CXF-6343
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 3.0.4
> Reporter: Hugo Trippaers
> Assignee: Colm O hEigeartaigh
> Fix For: 3.1.0, 3.0.5
>
>
> We spend quite some time getting interoperability with .NET 4.5 to work. In
> the end we managed to track down the problem to EncryptedHeader. .NET wraps
> EncryptedData for headers in an EncryptedHeader. This can be properly
> understood and parsed by WSS4J, however CXF will return an error first
> telling the client that it doesn't understand the EncryptedHeader element.
> This can be fixed by adding the following
> QName("http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";,
> "EncryptedHeader") to the understood headers in the AbstractTokenInterceptor
> The return path has a problem as well, the EncryptedHeaders are not generated
> by WSS4J while they should be (if i understand the spec correctly). This
> seems to be due to a bug in AbstractBindingBuilder where the method
> getEncryptedParts the following snippet should have Header instead of Element
> for headers
> List<WSEncryptionPart> signedParts = new
> ArrayList<WSEncryptionPart>();
> if (parts != null) {
> isBody = parts.isBody();
> for (Header head : parts.getHeaders()) {
> WSEncryptionPart wep = new WSEncryptionPart(head.getName(),
>
> head.getNamespace(),
> "Element");
> signedParts.add(wep);
> }
>
> Attachments attachments = parts.getAttachments();
> if (attachments != null) {
> WSEncryptionPart wep = new
> WSEncryptionPart("cid:Attachments", "Element");
> signedParts.add(wep);
> }
> }
> I'm more than happy to provide a patch for this, but i'm looking for a second
> opinion on this analysis.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
