[
https://issues.apache.org/jira/browse/RAMPART-299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Samisa Abeysinghe updated RAMPART-299:
--------------------------------------
Assignee: (was: Ruchith Udayanga Fernando)
> Rampart ignores BootstrapPolicy settings in message exchange with
> WS-SecureConversation STS
> -------------------------------------------------------------------------------------------
>
> Key: RAMPART-299
> URL: https://issues.apache.org/jira/browse/RAMPART-299
> Project: Rampart
> Issue Type: Bug
> Components: rampart-trust
> Affects Versions: 1.5
> Reporter: Dennis Sosnoski
>
> I'm running some WS-SecureConversation tests with Axis2 1.5.1 and Rampart
> 1.5, and saw that Rampart is using the
> http://schemas.xmlsoap.org/ws/2005/02/trust namespace and actions for the
> request to the STS, along with the
> http://schemas.xmlsoap.org/ws/2004/08/addressing WS-Addressing and
> http://schemas.xmlsoap.org/ws/2005/02/sc WS-SecureConversation versions. How
> can I set Rampart to use the newer versions of these standards?
> I'm using WS-SecurityPolicy 1.2, and have <sp:Trust13> and
> <wsap:UsingAddressing xmlns="http://www.w3.org/2006/05/wsdl"/> tokens
> included in the policy, so Rampart appears to be ignoring the policy and just
> going with defaults for the request. I've also tried *not* specifying
> <wsap:UsingAddressing>, and Rampart still adds addressing headers in that
> case.
> I did see that there's some logic in RampartMessageData to set namespace
> versions from properties in the message context, but that logic appears
> flawed (lines 168-178):
> //Extract known properties from the msgCtx
> if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
> this.wstVersion =
> TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
> }
> if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
> this.secConvVersion =
> TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
> }
> Note that this is calling TrustUtil.getWSTVersion() for both the WS-Trust and
> the WS-SecureConversation version, so you'd have to use the WS-Trust
> namespaces as values of the wscVersion property in order for this to work.
> Worse, though, is that it looks like the options set on the original Client
> are not passed in to the STSClient used by Rampart for the STS request, so I
> don't see any way of setting the properties for the STSClient from my
> application code.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
