ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WSS-231) There is an issue with the position of the <Timestamp> element in the <Security> header when using WSS4J calling .NET Web Services with WS-Security.
Date Mon, 01 Oct 2012 10:21:08 GMT

    [ https://issues.apache.org/jira/browse/WSS-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13466722#comment-13466722
] 

Colm O hEigeartaigh commented on WSS-231:
-----------------------------------------


Yes the change is committed. What web services client are you using? WSS4J 1.6.x is not directly
compatible with 1.5.x, so you must update the web service framework you are using to one that
supports WSS4J 1.6.x.

Have you tried with WSS4J 1.5.13-SNAPSHOT?

Colm.
                
> There is an issue with the position of the <Timestamp> element in the <Security>
header when using  WSS4J calling .NET Web Services with WS-Security.  
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: WSS-231
>                 URL: https://issues.apache.org/jira/browse/WSS-231
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.5.8
>         Environment: Windows, Solaris
>            Reporter: Chris Weitner
>            Assignee: Colm O hEigeartaigh
>              Labels: timestamp, ws-security
>             Fix For: 1.5.13, 1.6.8
>
>         Attachments: patch.txt
>
>
> There is an issue with the position of the <Timestamp> element in the <Security>
header when using  WSS4J calling .NET Web Services with WS-Security.  When using the "Timestamp
Signature" action over https, we are receiving the following error: "Signing without primary
signature requires timestamp".   When I modified org.apache.ws.security.message.WSSecSignature
to position <Timestamp> as the first element in <Security> it worked fine (by
default <Timestamp> is the last element and after the <Signature>).  Can this
be fixed or can you make Timestamp positioned first as a configuration option?
> <soapenv:Header>
>   <wsse:Security>
>  
>     <wsu:Timestamp>
>       <wsu:Created>2010-05-06T16:46:31.594Z</wsu:Created>
>       <wsu:Expires>2010-05-06T16:51:31.594Z</wsu:Expires>
>     </wsu:Timestamp>
>  
>     <wsse:BinarySecurityToken</wsse:BinarySecurityToken>
>  
>     <ds:Signature>
>        ....
>     </ds:Signature>
>   </wsse:Security>
> </soapenv:Header>

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message