cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bas Nossing (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CXF-6597) Invalid Policy Exception on valid on WS-Policy
Date Fri, 18 Sep 2015 11:34:04 GMT

    [ https://issues.apache.org/jira/browse/CXF-6597?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14847276#comment-14847276
] 

Bas Nossing edited comment on CXF-6597 at 9/18/15 11:33 AM:
------------------------------------------------------------

Initially we were using WildFly 8.1.0, which uses CXF 2.7.11 internally.
But to fix another issue we had to upgrade the JBossWS stack in that server version, which
upgraded the internal CXF version to 3.0.3
We also found an (unanswered) question regarding this same issue on stackoverflow: http://stackoverflow.com/questions/27428854/apache-3-x-invalid-policy
We are now going to attempt to run our application on a WildFly 8.2.0, which uses CXF 2.7.13
internally.



was (Author: b.nossing):
Initially we were using WildFly 8.1.0, which uses CXF 2.7.11 internally.
But to fix another issue we had to upgrade the JBossWS stack in that server version, which
upgraded the internal CXF version to 3.0.3
We also found an (unanswered) question regarding this same issue on stackoverflow: http://stackoverflow.com/questions/27428854/apache-3-x-invalid-policy


> Invalid Policy Exception on valid on WS-Policy
> ----------------------------------------------
>
>                 Key: CXF-6597
>                 URL: https://issues.apache.org/jira/browse/CXF-6597
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime
>    Affects Versions: 3.0.6
>         Environment: WildFly 8.2.1.Final
>            Reporter: Bas Nossing
>
> A recent bugreport (https://issues.apache.org/jira/browse/CXF-6473 to be exact) was fixed
in CXF version 3.0.6
> However, when we tried to update our WildFly to version 8.2.1 to incorporate this bugfix
we ran into a new issue: http://pastebin.com/ezewT9Mw
> It seems CXF version 3.0.6 introduces an issue with WS-Policy parsing that no longer
allows the following definition:
> {code:xml}
> <wsp:Policy wsu:Id="X509EndpointPolicy">
> 	<wsp:ExactlyOne>
> 	...
> 		<sp:AlgorithmSuite>
> 				<wsp:Policy>
> 						<sp:Basic128Rsa15/>
> 						<sp:Basic256Rsa15/>
> 						<sp:TripleDesRsa15/>
> 				</wsp:Policy>
> 		</sp:AlgorithmSuite>
> 	...
> 	</wsp:ExactlyOne>
> </wsp:Policy>
> {code}
> (excerpt from WSDL http://pastebin.com/BSMais7F and accompanying XSD http://pastebin.com/DRXc0Tfa)
> However, according to W3C (http://www.w3.org/Submission/WS-Policy/) it is allowed to
specify multiple key-transport-algorithms for a single policy.
> Removing two of the key-transport-algorithms (leaving one remaining algorithm) from our
definition makes the invalid policy exception disappear.
> For example removing Basic128Rsa15 and TripleDesRsa15 and leaving Basic256Rsa15 will
make CXF accept his WS-Policy as a valid one.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message