ws-fx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Davanum Srinivas (JIRA)" <>
Subject [jira] Moved: (WSS-2) Pre-OASIS_1_0 Compliance uses inappropriate header attributes
Date Fri, 08 Jul 2005 19:03:13 GMT
     [ ]

Davanum Srinivas moved WSFX-12 to WSS-2:

      Project: WSS4J  (was: WSFX)
          Key: WSS-2  (was: WSFX-12)
    Component:     (was: WSS4J)

> Pre-OASIS_1_0 Compliance uses inappropriate header attributes
> -------------------------------------------------------------
>          Key: WSS-2
>          URL:
>      Project: WSS4J
>         Type: Bug
>  Environment: JDK1.4.2_04; windows 2000sp4; axis1.2beta
>     Reporter: Cameron F. Logan

> For web services that are only compliant to lower specifications (e.g., OASIS_2002_07),
the presence of the "Type" attribute on the wsse:Password element causes the invocations using
the Username token to fail. I compiled the WSS4J package with the OASIS_2002_07 compliance
level, however, it still inserted the lengthy Type attribute in to the Password element; I
believe that this attribute is only relevant for the OASIS_1_0 specification. Especially if/when
the header is set to "mustUnderstand", this causes the authentication to fail. If one explicitly
removes the writting of this type attribute in the UsernameToken object, then the invocation
succeeds for the OASIS_2002_07 compliant service.
> In general, it seems that backward compatibility for the Username token needs some serious

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message