cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (CXF-2924) WS-SP support does not enforce signature algorithm or digest algorithm on server side
Date Mon, 12 Sep 2011 11:03:09 GMT

     [ https://issues.apache.org/jira/browse/CXF-2924?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh reassigned CXF-2924:
----------------------------------------

    Assignee: Colm O hEigeartaigh  (was: David Valeri)

> WS-SP support does not enforce signature algorithm or digest algorithm on server side
> -------------------------------------------------------------------------------------
>
>                 Key: CXF-2924
>                 URL: https://issues.apache.org/jira/browse/CXF-2924
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 2.2.10, 2.3
>            Reporter: David Valeri
>            Assignee: Colm O hEigeartaigh
>
> A WS-SP policy document that includes an algorithm suite assertion for a signature operation,
such as the example below, does not trigger the enforcement of the algorithm suite in the
inbound interceptors.
> {code:xml}
>     ...
>       <sp:AsymmetricBinding>
>         <wsp:Policy>
>           <sp:InitiatorToken>
>             <wsp:Policy>
>               <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
>                 <wsp:Policy>
>                   <sp:RequireIssuerSerialReference />
>                   <sp:WssX509V3Token10 />
>                 </wsp:Policy>
>               </sp:X509Token>
>             </wsp:Policy>
>           </sp:InitiatorToken>
>           <sp:RecipientToken>
>             <wsp:Policy>
>               <sp:X509Token sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
>                 <wsp:Policy>
>                   <sp:RequireIssuerSerialReference />
>                   <sp:WssX509V3Token10 />
>                 </wsp:Policy>
>               </sp:X509Token>
>             </wsp:Policy>
>           </sp:RecipientToken>
>           <sp:AlgorithmSuite>
>             <wsp:Policy>
>               <sp:Basic256Sha256 />
>             </wsp:Policy>
>           </sp:AlgorithmSuite>
>           <sp:Layout>
>             <wsp:Policy>
>               <sp:Strict />
>             </wsp:Policy>
>           </sp:Layout>
>         </wsp:Policy>
>       </sp:AsymmetricBinding>
>     ...
> {code}
> While the message could be inspected in order to extract this information, WSS4J already
possesses the information.  Unfortunately, WSS4J does not report the information in the result
data (1.5.8).  This issue is blocked on the addition of this information to the WSS4J results.
 See WSS-236.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message