[
https://issues.apache.org/jira/browse/RAMPART-287?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13758820#comment-13758820
]
Suresh Attanayake edited comment on RAMPART-287 at 9/5/13 9:13 AM:
-------------------------------------------------------------------
The reason was the AsymmetricBindingBuilder was ONLY looking for the
EncryptSignature configuration to add secondEncrParts in doEncryptBeforeSig.
if (rpd.isSignatureProtection() && this.mainSigId != null)
The proper fix is to add SignedEncryptedSupportingTokens as well for the
secondEncrParts. The proper behavior is shown in WS-SecurityPolicy-1.2, line
3580. That is the SignedEncryptedSupportingTokens must be encrypted by the
encryptedkey for the recipient token.
was (Author: sureshatt):
Yes, I debugged the code and found that encrypting is handled even before
the supporting tokens are processed. I will create a patch to fix this.
> Supporting Tokens Not Encrypted When Protection Order is Encrypt Before
> Signing
> -------------------------------------------------------------------------------
>
> Key: RAMPART-287
> URL: https://issues.apache.org/jira/browse/RAMPART-287
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Reporter: todd wolff
> Attachments: service.policy2.xml, service.policy.xml
>
>
> When one of the encrypted supporting token assertions is used and protection
> order is encrypt before signing, the tokens are not encrypted. The binding
> against which this was tested was asymmetric.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
