[
https://issues.apache.org/jira/browse/RAMPART-389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Stefan Vladov updated RAMPART-389:
----------------------------------
Attachment: SignatureConfirmationPolicy.xml
Attaching the policy used to simulate the issue
> RampartException: "Unexpected signature" thrown on client side when the
> service policy requires SignatureConfirmation and it is the only signed
> element.
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-389
> URL: https://issues.apache.org/jira/browse/RAMPART-389
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Stefan Vladov
> Attachments: SignatureConfirmationPolicy.xml
>
>
> When validating signed parts the PolicyBasedResultsValidator does not handle
> SignatureConfirmation when receiving the service response. According to the
> security policy specification the wsse11:SignatureConfirmation element should
> be covered by the message signature, but rampart validator fails with
> "Unexpected signature" in case the SignatureConfirmation is the only signed
> thing in the response message, because it is not added to the list of
> expected signed parts/elements.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
