'[jira] [Closed] (WSS-473) BST signature element'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       webservices-general
Subject:    [jira] [Closed] (WSS-473) BST signature element
From:       "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date:       2014-10-07 8:03:34
Message-ID: JIRA.12659822.1374764646000.206364.1412669014474 () Atlassian ! JIRA
[Download RAW message or body]


     [ https://issues.apache.org/jira/browse/WSS-473?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

Colm O hEigeartaigh closed WSS-473.
-----------------------------------

> BST signature element
> ---------------------
> 
> Key: WSS-473
> URL: https://issues.apache.org/jira/browse/WSS-473
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.6.11
> Reporter: Stéphane CIZERON
> Assignee: Colm O hEigeartaigh
> Labels: BST, signature
> Fix For: 1.6.12
> 
> Original Estimate: 2h
> Remaining Estimate: 2h
> 
> In the 1.5.x versions, when we wanted to sign the BST, we used a special keyword \
> 'Token' and the signed element was the BST.  In 1.6.x, the Token keyword doesn' t \
> exist anymore,  When the Token is used, a general security error is raised \
> (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: \
> http://schemas.xmlsoap.org/soap/envelope/, Token). If we use STRTransform, the \
> validation fails because the signed element is the SecurityTokenReference and not \
> the BST. if we use  \
> {}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}BinarySecurityToken \
> as WSEncryptionPart, we have the same general error => element not found. I check \
> the SingatureAction.java, the BST is appended at the end whereas if it was appened \
> just after the prepare method (line 70), the last issue is OK. I tested it and it \
> works, the validation BST signature is OK. wsSign.prepare(doc, \
> reqData.getSigCrypto(), reqData.getSecHeader()); \
> wsSign.prependBSTElementToHeader(reqData.getSecHeader()); 
> Could you tell me first if it's a correct workaround? 
> And in the second time, if the correction could be packaged in the 1.6.12 quickly ?
> Best regards
> Stéphane



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic