[CXF-2914] Digest algorithm defined in WS-SecurityPolicy is not honored in WS-Security signature from client - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.10, 2.3
Fix Version/s: 2.2.10, 2.3
Component/s: WS-* Components
Labels:
None

Description

The digest algorithm "http://www.w3.org/2000/09/xmldsig#sha1" is used in digital signatures from clients configured via WS-SecurityPolicy even when an AlgorithmSuite is defined within the policy that should resolve to a different digest algorithm. For example, the following AlgorithmSuite policy should result in the digest algorithm of "http://www.w3.org/2001/04/xmlenc#sha256" (per the WS-SecurityPolicy specification):

<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256Sha256 />
</wsp:Policy>
</sp:AlgorithmSuite>

The correct digest algorithm is determined by the AlgorithmSuite in the Binding; however, the algorithm information is not propagated to the WSSecSignature object that creates the signature.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

cxf-2914-trunk.patch
29/Jul/10 03:01
8 kB
Rich Newcomb

Activity

People

Assignee:: David Valeri

Reporter:: Rich Newcomb

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 28/Jul/10 02:55

Updated:: 22/Sep/15 14:14

Resolved:: 29/Jul/10 15:46