"Unexpected signature" exception thrown when using Signed/SupportingTokens
Assertion
------------------------------------------------------------------------------------
Key: RAMPART-114
URL: https://issues.apache.org/jira/browse/RAMPART-114
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.3
Environment: Axis2 1.3, Rampart 1.3, JDK 1.4, Tomcat 5.5.20
Reporter: Dobri Kitipov
When symmetric binding with Username token is tested then the following
exception is thrown :
"Unexpected signature".
My observations showed that this exception is caused into
org.apache.rampart.PolicyBasedResultsValidator class and namely into the
public void validate(ValidatorData data, Vector results) method.
There are several checks for signitureParts. These checks are for "timestamp",
"EndorsingSupportingTokens" and "SignedEndorsingSupportingTokens".
The problem is that when I read the WS - Security Policy - 1.1 - July 2005,
which spec is implemented by Rampart, we can read that there are
two additional supporting tokens assertions which are not processed into the
method, namely:
- SupportingTokens Assertion
and
- SignedSupportingTokens Assertion.
In my case the policy contains an username token as SignedSupportingTokens
Assertion.
I am attaching the policy to the JIRA.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
