[
https://issues.apache.org/jira/browse/CXF-6597?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bas Nossing updated CXF-6597:
-----------------------------
Description:
A recent bugreport (https://issues.apache.org/jira/browse/CXF-6473 to be exact)
was fixed in CXF version 3.0.6
However, when we tried to update our WildFly to version 8.2.1 to incorporate
this bugfix we ran into a new issue: http://pastebin.com/ezewT9Mw
It seems CXF version 3.0.6 introduces an issue with WS-Policy parsing that no
longer allows the following definition:
{code:xml}
<wsp:Policy wsu:Id="X509EndpointPolicy">
<wsp:ExactlyOne>
...
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
<sp:Basic256Rsa15/>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
...
</wsp:ExactlyOne>
</wsp:Policy>
{code}
(excerpt from WSDL http://pastebin.com/BSMais7F and accompanying XSD
http://pastebin.com/DRXc0Tfa)
However, according to W3C (http://www.w3.org/Submission/WS-Policy/) this is a
perfectly valid definition.
Removing two of the key-transport-algorithms (leaving one remaining algorithm)
from our definition makes the invalid policy exception disappear.
was:
A recent bugreport (https://issues.apache.org/jira/browse/CXF-6473 to be exact)
was fixed in CXF version 3.0.6
However, when we tried to update our WildFly to version 8.2.1 to incorporate
this bugfix we ran into a new issue: http://pastebin.com/ezewT9Mw
It seems CXF version 3.0.6 introduces an issue with WS-Policy parsing that no
longer allows the following definition:
{{
<wsp:Policy wsu:Id="X509EndpointPolicy">
<wsp:ExactlyOne>
...
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
<sp:Basic256Rsa15/>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
...
</wsp:ExactlyOne>
</wsp:Policy>
}}
(excerpt from WSDL http://pastebin.com/BSMais7F and accompanying XSD
http://pastebin.com/DRXc0Tfa)
However, according to W3C (http://www.w3.org/Submission/WS-Policy/) this is a
perfectly valid definition.
Removing two of the key-transport-algorithms (leaving one remaining algorithm)
from our definition makes the invalid policy exception disappear.
> Invalid Policy Exception on valid on WS-Policy
> ----------------------------------------------
>
> Key: CXF-6597
> URL: https://issues.apache.org/jira/browse/CXF-6597
> Project: CXF
> Issue Type: Bug
> Components: JAX-WS Runtime
> Affects Versions: 3.0.6
> Environment: WildFly 8.2.1.Final
> Reporter: Bas Nossing
>
> A recent bugreport (https://issues.apache.org/jira/browse/CXF-6473 to be
> exact) was fixed in CXF version 3.0.6
> However, when we tried to update our WildFly to version 8.2.1 to incorporate
> this bugfix we ran into a new issue: http://pastebin.com/ezewT9Mw
> It seems CXF version 3.0.6 introduces an issue with WS-Policy parsing that no
> longer allows the following definition:
> {code:xml}
> <wsp:Policy wsu:Id="X509EndpointPolicy">
> <wsp:ExactlyOne>
> ...
> <sp:AlgorithmSuite>
> <wsp:Policy>
> <sp:Basic128Rsa15/>
> <sp:Basic256Rsa15/>
> <sp:TripleDesRsa15/>
> </wsp:Policy>
> </sp:AlgorithmSuite>
> ...
> </wsp:ExactlyOne>
> </wsp:Policy>
> {code}
> (excerpt from WSDL http://pastebin.com/BSMais7F and accompanying XSD
> http://pastebin.com/DRXc0Tfa)
> However, according to W3C (http://www.w3.org/Submission/WS-Policy/) this is a
> perfectly valid definition.
> Removing two of the key-transport-algorithms (leaving one remaining
> algorithm) from our definition makes the invalid policy exception disappear.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
