[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sandesha-dev
Subject:    New security patch, and a comment on the RampartBasedSecurityManager
From:       Matthew Lovett <MLOVETT () uk ! ibm ! com>
Date:       2006-09-28 12:57:31
Message-ID: OFC17CA9D0.2BCD07B2-ON802571F7.00465679-802571F7.0046FA23 () uk ! ibm ! com
[Download RAW message or body]

Hi all,

I just attached a new patch to 
https://issues.apache.org/jira/browse/SANDESHA2-16, to implement the TODOs 
left behind from some refactoring.

While putting that in I had a quick look at the rampart security manager, 
and I think that it is missing a bit of logic in the 
checkProofOfPossession() method. The purpose if that check is to ensure 
that the sender of 'this' message has possession of the token that was 
embedded in the create sequence message. See the public review draft of 
the WS-RM 1.1 spec for the justification for this - in short it is to 
prevent hijacking of the Sequence by another authorized user. If you have 
a no-op there then I expect that you have left this hole open, though I 
can't be 100% sure as I've not used rampart.

Thanks

Matt



---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]