Stefan Vladov created RAMPART-390:
-------------------------------------

             Summary: SupportingToken assertions do not support multiple nested protection assertions
                 Key: RAMPART-390
                 URL: https://issues.apache.org/jira/browse/RAMPART-390
             Project: Rampart
          Issue Type: Bug
          Components: rampart-policy
    Affects Versions: 1.6.2
            Reporter: Stefan Vladov
            Priority: Minor


The SupportingToken class in the rampart-policy component will only handle one 
of the following protection assertions:
 - SignedParts
 - SignedElements
 - EncryptedParts
 - EncryptedElements

According to the specification several of these may appear in a supporting 
token policy (for example:
<sp:EncryptedSupportingTokens xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
  <wsp:Policy>
        <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always">
          <wsp:Policy>
                <sp:WssX509V3Token10 />
          </wsp:Policy>
        </sp:X509Token>

        <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <sp:Body />
          <sp:Header Namespace="http://localhost/HeaderNS_1" Name="HeaderLocal_1" />
          <sp:Header Namespace="http://localhost/HeaderNS_2" />
        </sp:SignedParts>

        <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
          <sp:Body />
          <sp:Header Namespace="http://localhost/HeaderNS_2" />
        </sp:EncryptedParts>
  </wsp:Policy>
</sp:EncryptedSupportingTokens>
)

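Added example (not part of the original report and not Rampart code): a small audit script that flags supporting-token assertions nesting more than one protection assertion, which is the policy shape this issue describes. It assumes the compact policy form shown in the report (no wsp:All / wsp:ExactlyOne wrappers); the function names, the WS-Policy namespace URI and the sample policy are assumptions made for the example.

```python
import xml.etree.ElementTree as ET

SP_NS = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
# The four protection assertions named in the report.
PROTECTION = {"SignedParts", "SignedElements", "EncryptedParts", "EncryptedElements"}

def split_tag(tag):
    """Split an ElementTree tag '{ns}local' into (ns, local)."""
    if tag.startswith("{"):
        ns, _, local = tag[1:].partition("}")
        return ns, local
    return "", tag

def audit_supporting_tokens(policy_xml):
    """List (assertion, [protection assertions]) for each *SupportingTokens
    assertion whose nested policy carries more than one protection assertion."""
    findings = []
    for el in ET.fromstring(policy_xml).iter():
        ns, local = split_tag(el.tag)
        if ns != SP_NS or not local.endswith("SupportingTokens"):
            continue
        nested = []
        for policy in el:
            # Only look inside the assertion's direct wsp:Policy child.
            if split_tag(policy.tag)[1] != "Policy":
                continue
            for child in policy:
                child_ns, child_local = split_tag(child.tag)
                if child_ns == SP_NS and child_local in PROTECTION:
                    nested.append(child_local)
        if len(nested) > 1:
            findings.append((local, nested))
    return findings

# Constructed sample modelled on the policy in the report; the wsp namespace
# URI is an assumption (the report's fragment does not declare it).
WSP_NS = "http://schemas.xmlsoap.org/ws/2004/09/policy"
SAMPLE = f"""<sp:EncryptedSupportingTokens xmlns:sp="{SP_NS}" xmlns:wsp="{WSP_NS}">
  <wsp:Policy>
    <sp:X509Token><wsp:Policy><sp:WssX509V3Token10/></wsp:Policy></sp:X509Token>
    <sp:SignedParts><sp:Body/></sp:SignedParts>
    <sp:EncryptedParts><sp:Body/></sp:EncryptedParts>
  </wsp:Policy>
</sp:EncryptedSupportingTokens>"""

if __name__ == "__main__":
    for name, parts in audit_supporting_tokens(SAMPLE):
        print(f"{name}: {len(parts)} protection assertions ({', '.join(parts)})")
```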