Detelin Hadzhiev created RAMPART-421:
----------------------------------------
Summary: Handling of WS-Policy <sp:ContentEncryptedElements /> is
not working properly
Key: RAMPART-421
URL: https://issues.apache.org/jira/browse/RAMPART-421
Project: Rampart
Issue Type: Bug
Components: rampart-core, rampart-policy
Affects Versions: 1.6.2, 1.7.0
Reporter: Detelin Hadzhiev
Using following peace of WS policy is not working as expected. The observed
problems are described beneath
<sp:ContentEncryptedElements
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>
<sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope";
xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader</sp:XPath>
<sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope";
xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader2</sp:XPath>
</sp:ContentEncryptedElements>
1. Serialization of policy above omits declared namespace declarations in scope
of XPath element. For contrast serialization of sp:EncryptedElements takes into
account XPtah namespaces when being serialized.
2. In case when only sp:ContentEncryptedElements and no other signed/encrypted
parts or elements is used in the policy then checking whether security header
is required in incoming message in RampartUtil.isSecHeaderRequired doesn't take
into account ContentEncryptedElements collection size which leads to an error
later on.
See attached policy for reference.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
