[prev in list] [next in list] [prev in thread] [next in thread] 

List:       woden-dev
Subject:    [jira] [Created] (WSS-659) SecurityContextToken validator set by wrong QName
From:       "Igor Konoplyanko (Jira)" <jira () apache ! org>
Date:       2019-11-25 15:28:00
Message-ID: JIRA.13270472.1574695637000.209370.1574695680138 () Atlassian ! JIRA
[Download RAW message or body]

Igor Konoplyanko created WSS-659:
------------------------------------

             Summary: SecurityContextToken validator set by wrong QName
                 Key: WSS-659
                 URL: https://issues.apache.org/jira/browse/WSS-659
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Axis Integration
    Affects Versions: 2.2.4
            Reporter: Igor Konoplyanko
            Assignee: Colm O hEigeartaigh


SecurityContextToken validator is set in apache cxf using properties:
 properties.put(SCT_TOKEN_VALIDATOR, "someValidator"); 
   

  But it can't be used because SecurityContextTokeinInputHandler looks it up via \
other QName. wss4j sets it as \{http://schemas.xmlsoap.org/ws/2005/02/sc}Identifier \
and CXF sets it as \{http://schemas.xmlsoap.org/ws/2005/02/sc}SecurityContextToken.

  

Code pieces:

org.apache.cxf.ws.security.wss4j.WSS4JStaxInInterceptor#setTokenValidators
 if (validator != null) {

properties.addValidator(WSSConstants.TAG_WSC0502_SCT, validator); \
properties.addValidator(WSSConstants.TAG_WSC0512_SCT, validator);

}

  

WSS4J Part: SecurityContextTokenInputHandler.java:72 
             SecurityContextTokenValidator securityContextTokenValidator = 
 wssSecurityProperties.getValidator(elementName); 
             if (securityContextTokenValidator == null)

{                   securityContextTokenValidator = new \
SecurityContextTokenValidatorImpl();             }

  

I am still not sure where this problem should be fixed - on CXF or on wss4j side?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic