[ https://issues.apache.org/jira/browse/RAMPART-421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Lazarski updated RAMPART-421: ------------------------------------ Fix Version/s: 2.0.0 > Handling of WS-Policy <sp:ContentEncryptedElements /> is not working properly > ------------------------------------------------------------------------------ > > Key: RAMPART-421 > URL: https://issues.apache.org/jira/browse/RAMPART-421 > Project: Rampart > Issue Type: Bug > Components: rampart-core, rampart-policy > Affects Versions: 1.6.2, 1.7.0 > Reporter: Detelin Hadzhiev > Assignee: Robert Lazarski > Priority: Major > Fix For: 2.0.0 > > Attachments: content-encr-policy.txt > > > Using following peace of WS policy is not working as expected. The observed > problems are described beneath > <sp:ContentEncryptedElements > xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> > <sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" > xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader</sp:XPath> > <sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" > xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader2</sp:XPath> > </sp:ContentEncryptedElements> > 1. Serialization of policy above omits declared namespace declarations in > scope of XPath element. For contrast serialization of sp:EncryptedElements > takes into account XPtah namespaces when being serialized. > 2. In case when only sp:ContentEncryptedElements and no other > signed/encrypted parts or elements is used in the policy then checking > whether security header is required in incoming message in > RampartUtil.isSecHeaderRequired doesn't take into account > ContentEncryptedElements collection size which leads to an error later on. > See attached policy for reference. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For additional commands, e-mail: java-dev-h...@axis.apache.org