cxf-issues mailing list archives

From "Ross M. Lodge (JIRA)" <>
Subject [jira] [Updated] (CXF-3453) WS-Security signed headers fail when schema validation enabled
Date Mon, 11 Apr 2011 20:11:05 GMT


Ross M. Lodge updated CXF-3453:


Attached is a zip file of a maven project that exhibits this problem.  If you unzip it, CD
to the WSSecurityTutorialParent directory, and execute "mvn clean install -Pintegration-test",
you should see four failed tests due to this problem.  The problem should be exhibited in
both complex and simple type forms, and will occur on the response as well.

> WS-Security signed headers fail when schema validation enabled
> --------------------------------------------------------------
>                 Key: CXF-3453
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.3.1, 2.3.3
>            Reporter: Ross M. Lodge
>         Attachments:
> After turning on schema validation on a web-service with headers that are signed, but not encrypted, the schema validation fails because the "wsu:Id" is not allowed in the schema.
> I've seen two forms of this:  a complex type header fails with an error saying that the "wsu:Id" attribute isn't allowed, and a simple type header fails saying that no attributes are allowed (except for type, nil, schemaInstance, etc.).
> I think this is a bug, as I don't know anything in the WS-Security specs that would prevent signing of simple type headers or prevent subsequent schema validation.
> I've worked around this by using complex types and adding "<xsd:anyAttribute namespace="##any" processContents="skip"/>" to those types, but it doesn't seem like this should be necessary, and doesn't fix the simple type problem.
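
A stand-alone reproduction of the complex-type failure and the workaround described in the quoted issue, added here as an example; it is not code from the CXF project or from the attached Maven project. It uses the JDK's `javax.xml.validation` instead of CXF, and the `AuthHeader` element, the `urn:example:hdr` namespace and the third, wsu-only wildcard variant are assumptions made for illustration.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import org.xml.sax.SAXException;

public class SignedHeaderValidation {
    static final String WSU =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

    // Constructed schema for a hypothetical AuthHeader; the wildcard (if any) is spliced in.
    static String schema(String wildcard) {
        return "<xsd:schema xmlns:xsd='http://www.w3.org/2001/XMLSchema'"
            + " targetNamespace='urn:example:hdr' elementFormDefault='qualified'>"
            + "<xsd:element name='AuthHeader'><xsd:complexType>"
            + "<xsd:sequence><xsd:element name='user' type='xsd:string'/></xsd:sequence>"
            + wildcard
            + "</xsd:complexType></xsd:element></xsd:schema>";
    }

    // Constructed header as it looks once the signing step has added wsu:Id.
    static final String SIGNED_HEADER =
        "<h:AuthHeader xmlns:h='urn:example:hdr' xmlns:wsu='" + WSU + "' wsu:Id='id-1'>"
        + "<h:user>alice</h:user></h:AuthHeader>";

    // Returns true if the instance validates; prints the validator's message otherwise.
    static boolean validates(String xsd, String xml) throws Exception {
        SchemaFactory factory = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Validator validator = factory.newSchema(new StreamSource(new StringReader(xsd))).newValidator();
        try {
            validator.validate(new StreamSource(new StringReader(xml)));
            return true;
        } catch (SAXException e) {
            System.out.println("  rejected: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        String strict = schema("");  // no wildcard: wsu:Id is not declared anywhere
        String workaround = schema("<xsd:anyAttribute namespace='##any' processContents='skip'/>");
        // Assumption, not from the report: a wildcard limited to the wsu namespace.
        String wsuOnly = schema("<xsd:anyAttribute namespace='" + WSU + "' processContents='lax'/>");
        System.out.println("strict schema:       " + validates(strict, SIGNED_HEADER));
        System.out.println("##any workaround:    " + validates(workaround, SIGNED_HEADER));
        System.out.println("wsu-only wildcard:   " + validates(wsuOnly, SIGNED_HEADER));
    }
}
```

The wsu-only variant accepts the attribute the signature needs while still rejecting attributes from other namespaces, which the `##any` wildcard with `processContents="skip"` would let through unchecked.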
