[
https://issues.apache.org/jira/browse/RAMPART-402?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17895844#comment-17895844
]
Robert Lazarski commented on RAMPART-402:
-----------------------------------------
I tried applying the patch - the only change was renaming the keystore to
interop2024.pkcs12.
Unfortunately, I got this error running the unit tests:
[INFO] Running org.apache.rampart.RampartTest
15:43:15.699 [qtp1986270265-237] ERROR org.apache.axis2.engine.AxisEngine -
Expected encrypted part missing
org.apache.axis2.AxisFault: Expected encrypted part missing
at
org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:199)
~[rampart-core-1.8.0-SNAPSHOT.jar:1.8.0-SNAPSHOT]
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:102)
~[rampart-core-1.8.0-SNAPSHOT.jar:1.8.0-SNAPSHOT]
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:335)
~[axis2-kernel-1.8.2.jar:1.8.2]
at org.apache.axis2.engine.Phase.invoke(Phase.java:308)
~[axis2-kernel-1.8.2.jar:1.8.2]
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:250)
~[axis2-kernel-1.8.2.jar:1.8.2]
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:156)
~[axis2-kernel-1.8.2.jar:1.8.2]
at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:179)
~[axis2-transport-http-1.8.2.jar:1.8.2]
at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:166)
~[axis2-transport-http-1.8.2.jar:1.8.2]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
~[javax.servlet-api-3.1.0.jar:3.1.0]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
~[javax.servlet-api-3.1.0.jar:3.1.0]
at
org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
~[jetty-servlet-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:529)
~[jetty-servlet-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:131)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:578)
~[jetty-security-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:223)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1571)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1378)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
~[jetty-servlet-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1544)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
~[jetty-server-10.0.11.jar:10.0.11]
at org.eclipse.jetty.server.Server.handle(Server.java:562)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505)
~[jetty-server-10.0.11.jar:10.0.11]
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762)
~[jetty-server-10.0.11.jar:10.0.11]
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282)
~[jetty-server-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:319)
~[jetty-io-10.0.11.jar:10.0.11]
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
~[jetty-io-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
~[jetty-io-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:412)
~[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:381)
~[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:268)
~[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:138)
~[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:407)
[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:894)
[jetty-util-10.0.11.jar:10.0.11]
at
org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1038)
[jetty-util-10.0.11.jar:10.0.11]
at java.base/java.lang.Thread.run(Thread.java:840) [?:?]
Caused by: org.apache.rampart.RampartException: Expected encrypted part missing
at
org.apache.rampart.PolicyBasedResultsValidator.validateEncrSig(PolicyBasedResultsValidator.java:292)
~[rampart-core-1.8.0-SNAPSHOT.jar:?]
at
org.apache.rampart.PolicyBasedResultsValidator.validate(PolicyBasedResultsValidator.java:163)
~[rampart-core-1.8.0-SNAPSHOT.jar:?]
at org.apache.rampart.RampartEngine.process(RampartEngine.java:376)
~[rampart-core-1.8.0-SNAPSHOT.jar:?]
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
~[rampart-core-1.8.0-SNAPSHOT.jar:1.8.0-SNAPSHOT]
... 40 more
> PolicyBasedResultsValidator does not correctly check signed parts
> -----------------------------------------------------------------
>
> Key: RAMPART-402
> URL: https://issues.apache.org/jira/browse/RAMPART-402
> Project: Rampart
> Issue Type: Bug
> Affects Versions: 1.6.2
> Reporter: Nathan Clement
> Assignee: Robert Lazarski
> Priority: Major
> Labels: Patch
> Fix For: 1.8.0
>
> Attachments: check_signed_parts.patch
>
>
> PolicyBasedResultsValidator does not correctly check the signed parts from
> the policy because it is checking that the element name is "Header".
> Obviously this won't match the signed part element name in the policy. I'm
> not sure of the historical reason for this, but I've removed this check in my
> attached patch.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
