cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-4453) Make the CryptoCoverageChecker easier to use for common signature verification and decryption use-cases
Date Fri, 03 Aug 2012 16:10:02 GMT

     [ https://issues.apache.org/jira/browse/CXF-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh updated CXF-4453:
-------------------------------------

    Description: 
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor
for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted
actually were. However, for some common use-cases based around signature verification or decryption
it is slightly complex to set up, as it involves adding XPath expressions, as well as the
corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to
make it easier to use for some common use-cases.

A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide
an easy way to make sure that the SOAP Body is signed or encrypted, that the Timestamp is
signed, and that the WS-Addressing ReplyTo and FaultTo headers are signed (if they are present
in the message payload).

  was:
The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor
for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted
actually were. However, for some common use-cases based around signature verification or decryption
it is slightly complex to set up, as it involves adding XPath expressions, as well as the
corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to
make it easier to use for some common use-cases.

A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide
an easy way to make sure that the SOAP Body is signed or encrypted, and that the Timestamp
is signed.

    
> Make the CryptoCoverageChecker easier to use for common signature verification and decryption
use-cases
> -------------------------------------------------------------------------------------------------------
>
>                 Key: CXF-4453
>                 URL: https://issues.apache.org/jira/browse/CXF-4453
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>    Affects Versions: 2.4.8, 2.5.4, 2.6.1
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.4.9, 2.5.5, 2.6.2
>
>
> The CryptoCoverageChecker is designed to be used in conjunction with the WSS4JInInterceptor
for the non-WS-SecurityPolicy case, to check that elements you expected to be signed or encrypted
actually were. However, for some common use-cases based around signature verification or decryption
it is slightly complex to set up, as it involves adding XPath expressions, as well as the
corresponding prefix/namespace pairs. This task is to extend the CryptoCoverageChecker to
make it easier to use for some common use-cases.
> A new subclass called "DefaultCryptoCoverageChecker" will be introduced, which will provide
an easy way to make sure that the SOAP Body is signed or encrypted, that the Timestamp is
signed, and that the WS-Addressing ReplyTo and FaultTo headers are signed (if they are present
in the message payload).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message