[ 
https://issues.apache.org/jira/browse/RAMPART-276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

S.Uthaiyashankar reassigned RAMPART-276:
----------------------------------------

    Assignee: S.Uthaiyashankar  (was: Ruchith Udayanga Fernando)

> SignedEncryptedElements can incorrectly set the namespace of child xpaths 
> during serialization
> ----------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-276
>                 URL: https://issues.apache.org/jira/browse/RAMPART-276
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-policy
>    Affects Versions: 1.5
>            Reporter: Dave Bryant
>            Assignee: S.Uthaiyashankar
>
> If you create a security policy that includes signed or encrypted elements, 
> where the SignedEncryptedElements object contains multiple xpaths for 
> specifying parts of the message to sign/encrypt, and a namespace map to 
> qualify the prefixes used in xpaths exists, then serializing the 
> SignedEncryptedElements object incorrectly sets the namespace URI for the 
> second <sp:XPath> element that is output.
> For example, if you specify two xpaths (xs:fred and rns1:bob) to be signed 
> and set up the namespace map appropriately to define the xs and rns1 prefixes, 
> the second XPath element is output using the xs prefix (the XML schema 
> namespace) instead of the sp prefix (the security policy namespace).
> {code:xml}
> <sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>     <sp:XPath xmlns:rns1="http://www.orionhealth.com/rhapsody/2009/11/TestService">//xs:fred</sp:XPath>
>     <xs:XPath xmlns:rns1="http://www.orionhealth.com/rhapsody/2009/11/TestService">//rns1:bob</xs:XPath>
> </sp:SignedElements>
> {code}
> The problem was introduced in revision 76056 of SignedEncryptedElements.java 
> (http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java?r1=653992&r2=760506)
>  where support was added to output the defined namespaces.  The problem is 
> that the local variables 'prefix' and 'namespaceURI' are assigned when 
> outputting the namespace map, and then those same variables are reused to 
> output the next XPath.
> A patch that resolves this problem is below:
> {code}
> Index: 
> src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java
> ===================================================================
> --- src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java  
> (revision 61550)
> +++ src/main/java/org/apache/ws/secpolicy/model/SignedEncryptedElements.java  
> (working copy)
> @@ -122,9 +122,9 @@
>              Iterator<String> namespaces = 
> declaredNamespaces.keySet().iterator();
>  
>              while(namespaces.hasNext()) {
> -                prefix = (String) namespaces.next();
> -                namespaceURI = (String) declaredNamespaces.get(prefix);
> -                writer.writeNamespace(prefix,namespaceURI);
> +                final String declaredPrefix = (String) namespaces.next();
> +                final String declaredNamespaceURI = (String) 
> declaredNamespaces.get(declaredPrefix);
> +                writer.writeNamespace(declaredPrefix,declaredNamespaceURI);
>              }
>  
>              writer.writeCharacters(xpathExpression);
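Review bot: In the while(namespaces.hasNext()) loop, the (String) cast on namespaces.next() is redundant, because namespaces is declared as Iterator<String> two lines above; drop it, and drop the cast on declaredNamespaces.get(declaredPrefix) too if the map is typed the same way, which the hunk does not show. Scoping the two new locals inside the loop does stop the outer prefix and namespaceURI from being overwritten before the next XPath element is written, but the patch carries no test: add one that serializes a SignedEncryptedElements with two XPaths and a non-empty namespace map and asserts that both elements come out in the security policy namespace.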
> {code}

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
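
An added check, not part of the original report or of Rampart's code, that catches the symptom described in the issue: it scans a serialized policy and reports any child of sp:SignedElements or sp:EncryptedElements that is not sp:XPath, plus any prefix used in an XPath expression that is not bound in scope. The sample documents are constructed; the xs namespace URI and the names check_policy and sample are assumptions of this example.

```python
import io
import re
import xml.etree.ElementTree as ET

SP_NS = "http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"  # sp: in the report
CONTAINERS = {f"{{{SP_NS}}}SignedElements", f"{{{SP_NS}}}EncryptedElements"}
LITERAL_RE = re.compile(r"'[^']*'|\"[^\"]*\"")        # XPath string literals
PREFIX_RE = re.compile(r"([A-Za-z_][\w.-]*):(?!:)")   # 'xs:' but not an axis 'child::'

def check_policy(xml_text):
    """Return findings for each child of sp:SignedElements / sp:EncryptedElements."""
    findings, pending, scopes, stack = [], {}, [{}], []
    try:
        source = io.BytesIO(xml_text.encode("utf-8"))
        for event, data in ET.iterparse(source, events=("start-ns", "start", "end")):
            if event == "start-ns":              # (prefix, uri), seen before "start"
                pending[data[0]] = data[1]
            elif event == "start":
                scopes.append({**scopes[-1], **pending})
                pending = {}
                stack.append(data.tag)
            else:                                # "end": element text is complete
                if len(stack) > 1 and stack[-2] in CONTAINERS:
                    if data.tag != f"{{{SP_NS}}}XPath":
                        findings.append(f"{data.tag} is not in the policy namespace")
                    expr = LITERAL_RE.sub("", data.text or "")
                    for prefix in sorted(set(PREFIX_RE.findall(expr))):
                        if prefix not in scopes[-1]:
                            findings.append(f"prefix '{prefix}' in {data.text!r} is unbound")
                stack.pop()
                scopes.pop()
    except ET.ParseError as exc:                 # e.g. an undeclared element prefix
        findings.append(f"not namespace-well-formed: {exc}")
    return findings

# Constructed samples: both map entries declared on every XPath element.
_DECLS = ('xmlns:xs="http://www.w3.org/2001/XMLSchema" '
          'xmlns:rns1="http://www.orionhealth.com/rhapsody/2009/11/TestService"')

def sample(second_prefix):
    """Two-XPath policy; 'xs' reproduces the reported output, 'sp' the fixed one."""
    return (f'<sp:SignedElements xmlns:sp="{SP_NS}">'
            f'<sp:XPath {_DECLS}>//xs:fred</sp:XPath>'
            f'<{second_prefix}:XPath {_DECLS}>//rns1:bob</{second_prefix}:XPath>'
            '</sp:SignedElements>')

if __name__ == "__main__":
    for label, prefix in (("reported", "xs"), ("patched", "sp")):
        print(label, check_policy(sample(prefix)))
```

Prefix detection is lexical, so it is a lint for serializer output rather than a full XPath parser.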

