[ https://issues.apache.org/jira/browse/CXF-2924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-2924. -------------------------------------- Resolution: Fixed > WS-SP support does not enforce signature algorithm or digest algorithm on > server side > ------------------------------------------------------------------------------------- > > Key: CXF-2924 > URL: https://issues.apache.org/jira/browse/CXF-2924 > Project: CXF > Issue Type: Bug > Components: WS-* Components > Affects Versions: 2.2.10, 2.3 > Reporter: David Valeri > Assignee: Colm O hEigeartaigh > > A WS-SP policy document that includes an algorithm suite assertion for a > signature operation, such as the example below, does not trigger the > enforcement of the algorithm suite in the inbound interceptors. > {code:xml} > ... > <sp:AsymmetricBinding> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> > <wsp:Policy> > <sp:RequireIssuerSerialReference /> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never"> > <wsp:Policy> > <sp:RequireIssuerSerialReference /> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256Sha256 /> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict /> > </wsp:Policy> > </sp:Layout> > </wsp:Policy> > </sp:AsymmetricBinding> > ... > {code} > While the message could be inspected in order to extract this information, > WSS4J already possesses the information. Unfortunately, WSS4J does not > report the information in the result data (1.5.8). This issue is blocked on > the addition of this information to the WSS4J results. See WSS-236. -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira