cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ross M. Lodge (JIRA)" <>
Subject [jira] [Commented] (CXF-3453) WS-Security signed headers fail when schema validation enabled
Date Wed, 01 Jun 2011 21:00:56 GMT


Ross M. Lodge commented on CXF-3453:

I'm still seeing this problem for complex types (where the exception is cvc-complex-type.3.2.2),
both with 2.3.4 and 2.4 (and 2.4.1-SNAPSHOT and 2.3.4-SNAPSHOT).

> WS-Security signed headers fail when schema validation enabled
> --------------------------------------------------------------
>                 Key: CXF-3453
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.3.1, 2.3.3
>            Reporter: Ross M. Lodge
>            Assignee: Daniel Kulp
>             Fix For: 2.4, 2.3.4
>         Attachments:
> After turning on schema validation on a web-service with headers that are signed, but
not encrypted, the schema validation fails because the "wsu:Id" is not allowed in the schema.
> I've seen two forms of this:  a complex type header fails with an error saying that the
"wsu:Id" attribute isn't allowed, and a simple type header fails saying that no attributes
are allowed (except for type, nill, schemaInstance, etc.).
> I think this is a bug, as I don't know anything in the WS-Security specs that would prevent
signing of simple type headers or prevent subsequent schema validation.
> I've worked around this by using complex types and adding "<xsd:anyAttribute namespace="##any"
processContents="skip"/>" to those types, but it doesn't seem like this should be necessary,
and doesn't fix the simple type problem.

This message is automatically generated by JIRA.
For more information on JIRA, see:

View raw message