'[jira] Commented: (WSS-231) There is an issue with the position of'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] Commented: (WSS-231) There is an issue with the position of
From:       "Colm O hEigeartaigh (JIRA)" <jira () apache ! org>
Date:       2011-02-25 16:45:45
Message-ID: 1079573599.16382.1298652345893.JavaMail.tomcat () hel ! zones ! apache ! org
[Download RAW message or body]


    [ https://issues.apache.org/jira/browse/WSS-231?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12999442#comment-12999442 \
] 

Colm O hEigeartaigh commented on WSS-231:
-----------------------------------------


I added a test to show how it can be done programatically here \
("testSignedTimestamp"):

http://svn.apache.org/viewvc/webservices/wss4j/branches/1_5_x-fixes/test/wssec/TestWSSecurityNew3.java?view=markup


I was mistaken in an earlier comment where I said it couldn't be done \
programatically, as the test above shows. It can't be done via configuration though.

Colm.

> There is an issue with the position of the <Timestamp> element in the <Security> \
>                 header when using  WSS4J calling .NET Web Services with \
>                 WS-Security.  
> -------------------------------------------------------------------------------------------------------------------------------------------------------
>  
> Key: WSS-231
> URL: https://issues.apache.org/jira/browse/WSS-231
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core
> Affects Versions: 1.5.8
> Environment: Windows, Solaris
> Reporter: Chris Weitner
> Assignee: Ruchith Udayanga Fernando
> Labels: timestamp, ws-security
> 
> There is an issue with the position of the <Timestamp> element in the <Security> \
> header when using  WSS4J calling .NET Web Services with WS-Security.  When using \
> the "Timestamp Signature" action over https, we are receiving the following error: \
> "Signing without primary signature requires timestamp".   When I modified \
> org.apache.ws.security.message.WSSecSignature to position <Timestamp> as the first \
> element in <Security> it worked fine (by default <Timestamp> is the last element \
> and after the <Signature>).  Can this be fixed or can you make Timestamp positioned \
> first as a configuration option? <soapenv:Header>
> <wsse:Security>
> 
> <wsu:Timestamp>
> <wsu:Created>2010-05-06T16:46:31.594Z</wsu:Created>
> <wsu:Expires>2010-05-06T16:51:31.594Z</wsu:Expires>
> </wsu:Timestamp>
> 
> <wsse:BinarySecurityToken</wsse:BinarySecurityToken>
> 
> <ds:Signature>
> ....
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>

-- 
This message is automatically generated by JIRA.
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic