RE: Regression with UT over HTTPS on 2.6.1

COURTAULT Francois Mon, 28 May 2012 07:32:29 -0700

Hello,

I don't read the spec the same way than you, sorry.


The spec says:
<sp:HttpsToken xmlns:sp="..." ... >
  (

    <sp:Issuer>wsa:EndpointReferenceType</sp:Issuer> |  

    <sp:IssuerName>xs:anyURI</sp:IssuerName>

  ) ?

  <wst:Claims Dialect="..."> ... </wst:Claims> ?

  <wsp:Policy xmlns:wsp="...">
    (
      <sp:HttpBasicAuthentication /> |
      <sp:HttpDigestAuthentication /> |
      <sp:RequireClientCertificate /> |
      ...
    )?
    ...
  </wsp:Policy>
  ...
</sp:HttpsToken>

And "?" means 0 or 1
So, according to me, you can have <sp:HttpsToken.... with an empty <wsp:Policy 
/> policy.
More, the spec that:
    - /sp:HttpsToken/wsp:Policy/sp:HttpBasicAuthentication is OPTIONAL
    - /sp:HttpsToken/wsp:Policy/sp:HttpDigestAuthentication is OPTIONAL
    - /sp:HttpsToken/wsp:Policy/sp:RequireClientCertificate is OPTIONAL
Which is coherent with the ?

So ??????

Best Regards.

-----Original Message-----
From: Colm O hEigeartaigh [mailto:[email protected]] 
Sent: lundi 28 mai 2012 15:39
To: COURTAULT Francois
Cc: [email protected]
Subject: Re: Regression with UT over HTTPS on 2.6.1

http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/os/ws-securitypolicy-1.3-spec-os.html

"sp:HttpsToken/wsp:Policy

This REQUIRED element identifies additional requirements for use of the 
sp:HttpsToken assertion."

Colm.


On Mon, May 28, 2012 at 2:33 PM, COURTAULT Francois < 
[email protected]> wrote:

> Hello,
>
> This means that the policy I have attached is not compliant: right?
> Could you give me please a pointer or the spec paragraph which 
> specifies this ?
>
> Best Regards.
>
> -----Original Message-----
> From: Colm O hEigeartaigh [mailto:[email protected]]
> Sent: lundi 28 mai 2012 15:18
> To: [email protected]
> Subject: Re: Regression with UT over HTTPS on 2.6.1
>
> It's not a regression, but a stricter enforcement of the 
> WS-SecurityPolicy spec. You need to add a "<wsp:Policy/>" child to the 
> sp:HttpsToken element to be compliant.
>
> Colm.
>
> On Mon, May 28, 2012 at 1:12 PM, COURTAULT Francois < 
> [email protected]> wrote:
>
> > Hello,****
> >
> > ** **
> >
> > With the same WSS policy used, attached,  at server side, I got this
> error:
> > ****
> >
> > 28 mai 2012 14:08:43
> > org.apache.cxf.ws.policy.attachment.wsdl11.Wsdl11AttachmentPolicyPro
> > vi
> > der
> > getElementPolicy****
> >
> > ATTENTION: Failed to build the policy 
> > 'Wssp1.2-2007-Https-UsernameToken-Plain.xml':sp:HttpsToken/wsp:Polic
> > y
> > must have a value****
> >
> > Exception in thread "main" *javax.xml.ws.soap.SOAPFaultException*:
> > sp:HttpsToken/wsp:Policy must have a value****
> >
> > whereas I didn't get any error on 2.5.4.****
> >
> > ** **
> >
> > Do I have to enter an issue in CXF 2.6.1 ?****
> >
> > ** **
> >
> > Best Regards.****
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

RE: Regression with UT over HTTPS on 2.6.1

Reply via email to