axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Thilina Buddhika (JIRA)" <j...@apache.org>
Subject [jira] Assigned: (RAMPART-299) Rampart ignores BootstrapPolicy settings in message exchange with WS-SecureConversation STS
Date Wed, 23 Feb 2011 13:06:38 GMT

     [ https://issues.apache.org/jira/browse/RAMPART-299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Thilina Buddhika reassigned RAMPART-299:
----------------------------------------

    Assignee: Thilina Buddhika

> Rampart ignores BootstrapPolicy settings in message exchange with WS-SecureConversation
STS
> -------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-299
>                 URL: https://issues.apache.org/jira/browse/RAMPART-299
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-trust
>    Affects Versions: 1.5
>            Reporter: Dennis Sosnoski
>            Assignee: Thilina Buddhika
>         Attachments: RAMPART-299.diff
>
>
> I'm running some WS-SecureConversation tests with Axis2 1.5.1 and Rampart 1.5, and saw
that Rampart is using the http://schemas.xmlsoap.org/ws/2005/02/trust namespace and actions
for the request to the STS, along with the http://schemas.xmlsoap.org/ws/2004/08/addressing
WS-Addressing and http://schemas.xmlsoap.org/ws/2005/02/sc WS-SecureConversation versions.
How can I set Rampart to use the newer versions of these standards?
> I'm using WS-SecurityPolicy 1.2, and have <sp:Trust13> and <wsap:UsingAddressing
xmlns="http://www.w3.org/2006/05/wsdl"/> tokens included in the policy, so Rampart appears
to be ignoring the policy and just going with defaults for the request. I've also tried *not*
specifying <wsap:UsingAddressing>, and Rampart still adds addressing headers in that
case.
> I did see that there's some logic in RampartMessageData to set namespace versions from
properties in the message context, but that logic appears flawed (lines 168-178):
>            //Extract known properties from the msgCtx
>                      if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
>                this.wstVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
>            }
>                      if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
>                this.secConvVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
>            }
> Note that this is calling TrustUtil.getWSTVersion() for both the WS-Trust and the WS-SecureConversation
version, so you'd have to use the WS-Trust namespaces as values of the wscVersion property
in order for this to work. Worse, though, is that it looks like the options set on the original
Client are not passed in to the STSClient used by Rampart for the STS request, so I don't
see any way of setting the properties for the STSClient from my application code.

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message