Re: EncryptedKey in Security Header for messages wihtout encrypted content

[Colm O hEigeartaigh]

It's a bug which I've just fixed:

https://issues.apache.org/jira/browse/CXF-6884

Please feel free to grab the latest code + test it out to make sure your
issue is fixed.

Colm.

On Tue, Apr 26, 2016 at 11:37 AM, Stefan Müller <stefan.muel...@it.nrw.de>
wrote:

> This is our security policy:
>
>
>
> <wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy";
>
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
>
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
>
> xmlns:sp13="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802";
>             wsu:Id="policy">
>     <wsp:ExactlyOne>
>         <wsp:All>
>             <sp:AsymmetricBinding>
>                 <wsp:Policy>
>                     <sp:InitiatorToken>
>                         <wsp:Policy>
>                             <sp:X509Token
>
> sp:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
> ">
>                                 <wsp:Policy>
>                                     <sp:WssX509V3Token10/>
>                                 </wsp:Policy>
>                             </sp:X509Token>
>                         </wsp:Policy>
>                     </sp:InitiatorToken>
>                     <sp:RecipientToken>
>                         <wsp:Policy>
>                             <sp:X509Token
>
> sp:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
> ">
>                                 <wsp:Policy>
>                                     <sp:WssX509V3Token10/>
>                                 </wsp:Policy>
>                             </sp:X509Token>
>                         </wsp:Policy>
>                     </sp:RecipientToken>
>                     <sp:Layout>
>                         <wsp:Policy>
>                             <sp:Strict/>
>                         </wsp:Policy>
>                     </sp:Layout>
>                     <sp:OnlySignEntireHeadersAndBody/>
>                     <sp:AlgorithmSuite>
>                         <wsp:Policy>
>                             <sp-cxf:Basic128GCMSha256MgfSha256
>
> xmlns:sp-cxf="http://project/custom/security-policy"/>
>                         </wsp:Policy>
>                     </sp:AlgorithmSuite>
>                 </wsp:Policy>
>             </sp:AsymmetricBinding>
>             <wsp:ExactlyOne>
>                 <wsp:All>
>                     <sp:SignedParts>
>                         <sp:Header
>
> Namespace="http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/";
>                                 Name="Messaging"/>
>                         <sp:Attachments>
>                             <sp13:ContentSignatureTransform/>
>                         </sp:Attachments>
>                     </sp:SignedParts>
>                     <sp:EncryptedParts>
>                         <sp:Attachments/>
>                     </sp:EncryptedParts>
>                 </wsp:All>
>             </wsp:ExactlyOne>
>         </wsp:All>
>     </wsp:ExactlyOne>
> </wsp:Policy>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/EncryptedKey-in-Security-Header-for-messages-wihtout-encrypted-content-tp5768129p5768134.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com