[prev in list] [next in list] [prev in thread] [next in thread]
List: xmlrpc-dev
Subject: [jira] Created: (WSS-254) Encryption/signing of multiple message
From: "Marcin Markiewicz (JIRA)" <jira () apache ! org>
Date: 2010-11-25 9:16:14
Message-ID: 2509659.305541290676574268.JavaMail.jira () thor
[Download RAW message or body]
Encryption/signing of multiple message parts with same name not working
-----------------------------------------------------------------------
Key: WSS-254
URL: https://issues.apache.org/jira/browse/WSS-254
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 1.5.9, 1.5.8, 1.5.7, 1.5.6, 1.5.5, 1.5.4, 1.5.10, 1.6
Environment: all. (found out an a windows vista machine with java 1.6)
Reporter: Marcin Markiewicz
Assignee: Colm O hEigeartaigh
Priority: Critical
The current implementation of the class "WSSecEncypt" lookf in the document to \
encrypt for elements only by their name and namespace (this are the only informations \
provided by the class "WSEncryptionPart"). The search find the first element with \
this name and lets encrypt it. If there are other elements with the same name we wish \
to encrypt it cannot be done. But it is needed if one uses lists of elements \
Following example shows the issue: <xml...>
<soapenv:Envelope>
<soapenv:Header>
<myNS:Header1>
<!-- XML data-->
</myNS:Header1>
<myNS:Header2>
<!-- XML data-->
<myNS:attachment>
<!-- some data we don't wish to encrypt -->
<myNS:attachment>
</myNS:Header2>
...
<myNS:Attachments>
<myNS:attachment>
<!-- 1. binary data base64 encoded -->
</myNS:attachment>
<myNS:attachment>
<!-- 2. binary data base64 encoded -->
</myNS:attachment>
<myNS:attachment>
<!-- 3. binary data base64 encoded -->
</myNS:attachment>
...
</myNS:Attachments>
...
<myNS:HeaderX>
<!-- XML data-->
</myNS:HeaderX>
</soapenv:Header>
<soapenv:Body>
<!-- XML data-->
</soapenv:Body>
</soapenv:Envelope>
if we use the WSEncyrpionPart this way:
WSEncryptionPart encryptionPart = new WSEncryptionPart("attachment", "myNS-URI", \
"Content"); then only the element "Envelope/Header/Header2/attachment" will be \
encryptet. Thus the one we don't want to encrypt, but the other ones will not be \
encrypted.
To solve this problem a XPath support in WSEncryptionPart and WSSecEncryption is to \
be implemented (and maybe more...)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic