[jira] Updated: (RAMPART-278) PolicyBasedResultsValidator throws exception when headers encrypted before signing.

Samisa Abeysinghe (JIRA) Wed, 22 Dec 2010 03:06:31 -0800

     [ 
https://issues.apache.org/jira/browse/RAMPART-278?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Samisa Abeysinghe updated RAMPART-278:
--------------------------------------

    Assignee:     (was: Ruchith Udayanga Fernando)

> PolicyBasedResultsValidator throws exception when headers encrypted before 
> signing.
> -----------------------------------------------------------------------------------
>
>                 Key: RAMPART-278
>                 URL: https://issues.apache.org/jira/browse/RAMPART-278
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>            Reporter: todd wolff
>         Attachments: SignedEncryptedHeaders.patch
>
>
> PolicyBasedResultsValidator uses wsu:Id of signed elements to validate that 
> headers were signed.  If header was encrypted before signing, wsu:Id is id on 
> EncryptedHeader element, which was detached from header by WSS4J and replaced 
> with the decrypted header.  Consequently the check fails and validator 
> incorrectly throws an exception.
> Also RampartUtil excludes child text nodes when converting soap header 
> blocks, i.e. a header block with a single child text node would be 
> incorrectly converted to an empty header block.  See attached patch for 
> painless fix to both problems.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] Updated: (RAMPART-278) PolicyBasedResultsValidator throws exception when headers encrypted before signing.

Reply via email to