axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thilina Buddhika (JIRA)" <>
Subject [jira] Updated: (RAMPART-119) Invalid behavior when empty <sp:SignedParts/> element present in the policy
Date Tue, 21 Dec 2010 12:36:00 GMT


Thilina Buddhika updated RAMPART-119:

    Attachment: RAMPART-119.patch

Attaching to updated patch for the current revision of the trunk.

> Invalid behavior when empty <sp:SignedParts/> element present in the policy
> ---------------------------------------------------------------------------
>                 Key: RAMPART-119
>                 URL:
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>    Affects Versions: 1.3
>            Reporter: Nandana Mihindukulasooriya
>            Assignee: Nandana Mihindukulasooriya
>         Attachments: RAMPART-119.patch, RAMPART119.patch
> According to the ws - security policy specification 1.1 , 5.1.1 Signed Parts Assertion

> This assertion specifies the parts of the message that need integrity protection. If
no child elements are specified, all message headers targeted at the UltimateReceiver role
[SOAP12] or actor [SOAP11] and the body of the message MUST be integrity protected.
> So for an empty signed parts element, we have to sign all the message headers. At current
we don't sign any header if signed parts element is empty.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message