Boris Dushanov created RAMPART-426:
--------------------------------------
Summary: Rampart has no support for handling 'actor' attribute in
the Security header
Key: RAMPART-426
URL: https://issues.apache.org/jira/browse/RAMPART-426
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.6.2
Reporter: Boris Dushanov
According to the WS-Security specification:
"The <wsse:Security> header block provides a mechanism for attaching
security-related information targeted at a specific recipient in the form of a
SOAP actor/role."
<wsse:Security S11:actor="..." S11:mustUnderstand="..."/>
Currently, Rampart is far from full support for actor/role.
- RampartEngine has a bare support, taking the 'actor' attribute from a random
Security header.In addition, in SOAP 1.2, the 'actor' attribute is renamed to
'role', which is not handled by the RampartEngine.
- Rampart message builders has no support for actor/role.
- Rampart configuration has no support for actor/role also
WSS4J has support for actor/role and such could easily be added in
Rampart.Proper configuration should be added and actor/role values should be
propagated to WSS4J.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
