[
https://issues.apache.org/jira/browse/RAMPART-415?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Detelin Yordanov updated RAMPART-415:
-------------------------------------
Attachment: rampart16_wss4j.patch
I updated the rampart16_wss4j.patch back-porting all the fixes and version
increase of wss4j and bouncy castle. The tests on the 1.6 branch are successful
on my side. So if we consider Rampart's test coverage sufficient, then I think
we can roll in these changes to the 1.6 branch as well.
> Upgrade Rampart to use latest wss4j 1.6.16
> ------------------------------------------
>
> Key: RAMPART-415
> URL: https://issues.apache.org/jira/browse/RAMPART-415
> Project: Rampart
> Issue Type: Improvement
> Affects Versions: 1.6.2
> Reporter: Detelin Yordanov
> Assignee: Andreas Veithen
> Fix For: 1.7.0, 1.6.3
>
> Attachments: rampart16_wss4j.patch, rampart16_wss4j.patch,
> rampart_bcprov.patch, rampart_ut_nopasswd.patch, rampart_wss4j.patch
>
>
> Rampart uses an outdated wss4j 1.6.4 version, while wss4j 1.6.16 was released
> just recently. I think it is important for Rampart to use latest stable
> wss4j, additionally my team is willing to contribute some Rampart extensions
> which require wss4j 1.6.16. I tested Rampart trunk with wss4j 1.6.16 and
> noticed two failing tests:
> - org.apache.rampart.RampartTest.testWithPolicy, scenario 7
> - org.apache.rahas.impl.util.CommonUtilTest.testGetDecryptedBytes
> The first issue is caused by a change in wss4j to add an "id" to the
> "Reference List" security processing results even when the value is an empty
> literal. I discussed the issue on wss4j mailing list and a fix for this will
> be available in next wss4j 1.6.17 version, see:
> http://mail-archives.apache.org/mod_mbox/ws-dev/201407.mbox/%3ccaeu2frpx1envbytejnyblnc1w1zb9ssjxskgh7m0adszamr...@mail.gmail.com%3E
> Meanwhile, I proposed a temporary fix in Rampart that skips results with
> empty Ids (attached).
> The second issue is triggered by a change in xmlsec 1.5.2 which adds cloning
> of KeyInfo elements, however the root cause seems to be a change is how Rahas
> TestUtil constructs a SOAP envelope:
> [Avoid direct references to Axiom implementation
> classes|http://svn.apache.org/viewvc/axis/axis2/java/rampart/trunk/modules/rampart-trust/src/test/java/org/apache/rahas/test/util/TestUtil.java?r1=1298295&r2=1299913]
> I have raised this issue on Axis2 dev list:
> http://mail-archives.apache.org/mod_mbox/axis-java-dev/201407.mbox/%3CCAEu2FROZusGJr%3DtzSRXe88hXYpV%3DzAyrNE-vwDYpi0tZG9Vy4Q%40mail.gmail.com%3E
> I will update this issue once a solution is found. I can help with further
> issues if such are found. Please note that all Rampart tests pass
> successfully with wss4j 1.6.16 after applying the provided Rampart wss4j
> workaround and reverting the Rampart Axiom-related changes done in revision
> [1299913|http://svn.apache.org/viewvc?view=revision&revision=1299913].
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
