[ https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp reassigned CXF-1436:
--------------------------------
Assignee: Daniel Kulp
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.1
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a signed
SOAP message attaches a "SignatureConfirmation" blob in the responding SOAP message containing
the signature that was received. In this way the initiator knows that the signature was received
correctly.
> In CXF, support for signature confirmation is provided via the WSS4J*Interceptors. However,
there's a minor boolean bug in the WSS4JOutInterceptor that mixes up the roles of the requestor
and the responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
|