cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-5079) Add support for mustunderstand = false in PolicyBasedWSS4JOutInterceptor
Date Fri, 14 Jun 2013 14:51:21 GMT

    [ https://issues.apache.org/jira/browse/CXF-5079?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13683411#comment-13683411
] 

Colm O hEigeartaigh commented on CXF-5079:
------------------------------------------


Patch applied with some minor modifications, thanks (I changed the spelling of MUSTUNDERSTAND
to add an underscore). I also added a fix for the ACTOR/ROLE issue.

Colm.
                
> Add support for mustunderstand = false in PolicyBasedWSS4JOutInterceptor
> ------------------------------------------------------------------------
>
>                 Key: CXF-5079
>                 URL: https://issues.apache.org/jira/browse/CXF-5079
>             Project: CXF
>          Issue Type: Improvement
>          Components: JAX-WS Runtime
>    Affects Versions: 2.5.10, 2.6.8, 2.7.5
>            Reporter: Oddbjørn Heimdal
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.5.11, 2.6.9, 2.7.6
>
>         Attachments: Patch_for_CXF-5079.patch
>
>
> As discussed on the cxf-developer mailing list, patch is coming up shortly:
> Yes, please submit a patch for this.
> Colm.
> On Thu, Jun 13, 2013 at 3:53 PM, <oddbjorn.heimdal@accenture.com> wrote:
> > Hi,
> >
> > We have hit a limitation in PolicyBasedWSS4JOutInterceptor which hard 
> > codes mustUnderstand = true (line 99). This is configurable in the 
> > WSS4JOutInterceptor today, but not when using policy.
> >
> >         public void handleMessage(SoapMessage message) throws Fault {
> >             Collection<AssertionInfo> ais;
> >             SOAPMessage saaj = message.getContent(SOAPMessage.class);
> >
> >             boolean mustUnderstand = true;
> >             String actor = null;
> >
> > Obviously this makes sense in most cases, but we have some 
> > intermediaries which do not understand security...
> >
> > Would you accept a patch to have this configurable, for instance by 
> > creating a new property in SecurityConstants (for instance
> > ws-security.mustsunderstand) and default to true?
> >
> > Best regards,
> >
> > Oddbjørn
> >
> > ______________________________________________________________________
> > _____________________
> > Oddbjørn Heimdal
> > Accenture Technology Consulting -  Security Snarøyveien 30, P.O. Box 
> > 363, 1326 Lysaker, Norway
> > Mobile: +47 99 72 19 12
> > Email: oddbjorn.heimdal@accenture.com<mailto:
> > oddbjorn.heimdal@accenture.com>
> >
> >
> > ________________________________
> > This message is for the designated recipient only and may contain 
> > privileged, proprietary, or otherwise confidential information. If you 
> > have received it in error, please notify the sender immediately and 
> > delete the original. Any other use of the e-mail by you is prohibited.
> >
> > Where allowed by local law, electronic communications with Accenture 
> > and its affiliates, including e-mail and instant messaging (including 
> > content), may be scanned by our systems for the purposes of 
> > information security and assessment of internal compliance with Accenture policy.
> >
> >
> > ______________________________________________________________________
> > ________________
> >
> > www.accenture.com
> >
> --
> Colm O hEigeartaigh
> Talend Community Coder
> http://coders.talend.com

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message