[CXF-5046] EncryptedSupportingTokens used with EncryptBeforeSigning does not encrypt Username token - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.6.2, 2.7.5
Fix Version/s: 2.6.8, 2.5.11, 2.7.6
Component/s: WS-* Components
Labels:
- patch
Environment:

All platforms

Estimated Complexity:
Moderate

Description

In some cases, the <EncryptedSupportingTokens> policy assertion does not encrypt the supporting token. When the policy contains the <EncryptBeforeSigning> assertion, <SignedParts> and <EncryptedParts> assertions along with the <EncryptedSupportingTokens> assertion for a username token, the username token is not encrypted in the outbound SOAP message.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

asymbind_patch.txt
29/May/13 15:53
3 kB
Syed Abdul Wadood
encrypted_supporting_tokens_policy.xml
29/May/13 15:54
2 kB
Syed Abdul Wadood

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Syed Abdul Wadood

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29/May/13 15:49

Updated:: 14/Aug/13 15:49

Resolved:: 30/May/13 13:22

Time Tracking

Estimated:

72h

Remaining:

72h

Logged:

Not Specified