cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-7080) XmlSecOutInterceptor doesn't recognise KeyName as a KeyIdentifier
Date Sat, 08 Oct 2016 21:31:21 GMT

    [ https://issues.apache.org/jira/browse/CXF-7080?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15558753#comment-15558753
] 

ASF GitHub Bot commented on CXF-7080:
-------------------------------------

GitHub user spark404 opened a pull request:

    https://github.com/apache/cxf/pull/175

    [CXF-7080] Add KeyName as KeyIdentifier

    

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/spark404/cxf CXF-7080

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf/pull/175.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #175
    
----
commit d3f0054090c06dfda6a24a6402b591c45e95c8b0
Author: Hugo Trippaers <hugo@trippaers.nl>
Date:   2016-10-08T21:28:16Z

    [CXF-7080] Add KeyName as KeyIdentifier

----


> XmlSecOutInterceptor doesn't recognise KeyName as a KeyIdentifier
> -----------------------------------------------------------------
>
>                 Key: CXF-7080
>                 URL: https://issues.apache.org/jira/browse/CXF-7080
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 3.2.0, 3.1.8
>            Reporter: Hugo Trippaers
>
> The KeyIdentifier type KeyName is a known element in the KeyInfo structure (https://www.w3.org/TR/xmldsig-core/#sec-KeyName)
however the interceptor XmlSecOutInterceptor doesn't recognise it. 
> This causes the interceptor to assume the keyidentifier is X509KeyIdentifier, which in
turn causes the undesired behaviour of the message being signed and sent with a keyidentifier
that is not parsed by the endpoint. (Who expects a KeyName).
> A small fix is to add KeyName as a valid KeyIdentifier allowing lower level libraries
(santuario) to indicate that this KeyIdentifier type is not supported (yet, working on that
as well)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message