cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alessio Soldano <asold...@redhat.com>
Subject Re: WS-Security Username Token w/ Digest issue on CXF 2.4
Date Wed, 27 Apr 2011 12:51:28 GMT
Colm, Sergey,
thanks, my test is now passing with the latest trunk.
Cheers
Alessio

On 04/27/2011 11:08 AM, Sergey Beryozkin wrote:
> Hi Alessio, Colm
>
> Unfortunately I did not have a system test involving this interceptor
> checking digest passwords (I have the one for a policy first case
> though), so the regression was not spotted, thanks Colm for applying a
> fix.
>
> Alessio - as a workaround, while working with CXF 2.4.0, please override
>
> AbstractUsernameTokenAuthenticatingInterceptor.getSecurityEngine(boolean),
>
> and copy the code from the superclass but register another Validator
> implementation, which
> extends
>
> AbstractUsernameTokenAuthenticatingInterceptor.CustomValidator
>
> but overrides only its verifyDigestPassword method
>
> that should it till CXF 2.4.1 is released.
>
> One thing about using AbstractUsernameTokenAuthenticatingInterceptor
> is that it won't work in policy-first cases.
> Thus you might want to consider using another approach, extend
> org.apache.cxf.interceptor.security.AbstractUsernameTokenInterceptor
>
> which does not in turn extend WSS4JInInterceptor, please see
>
> http://cxf.apache.org/docs/security.html#Security-WSSecurityUsernameTokenandCustomAuthentication
>
> Thanks, Sergey
>
>
> On Wed, Apr 27, 2011 at 9:46 AM, Colm O hEigeartaigh
> <coheigea@apache.org>  wrote:
>> Already taken care of..
>>
>> https://issues.apache.org/jira/browse/CXF-3476
>>
>> Colm.
>>
>> On Wed, Apr 27, 2011 at 9:32 AM, Alessio Soldano<asoldano@redhat.com>  wrote:
>>> On 04/27/2011 10:30 AM, Colm O hEigeartaigh wrote:
>>>> Hi Alessio,
>>>>
>>>>> Did I miss something here?
>>>> No, it's a bug. It should be "isHashed" not "isDerivedKey".
>>>>
>>>> Colm.
>>> OK, I can open a jira and fix that, or you're already doing it?
>>> Thanks
>>> Alessio
>>>
>>> --
>>> Alessio Soldano
>>> Web Service Lead, JBoss
>>>
>>>


-- 
Alessio Soldano
Web Service Lead, JBoss


Mime
View raw message