Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-5079

Add support for mustunderstand = false in PolicyBasedWSS4JOutInterceptor

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.5.10, 2.6.8, 2.7.5
    • 2.5.11, 2.6.9, 2.7.6
    • JAX-WS Runtime
    • None
    • Unknown

    Description

      As discussed on the cxf-developer mailing list, patch is coming up shortly:

      Yes, please submit a patch for this.

      Colm.

      On Thu, Jun 13, 2013 at 3:53 PM, <oddbjorn.heimdal@accenture.com> wrote:

      > Hi,
      >
      > We have hit a limitation in PolicyBasedWSS4JOutInterceptor which hard
      > codes mustUnderstand = true (line 99). This is configurable in the
      > WSS4JOutInterceptor today, but not when using policy.
      >
      > public void handleMessage(SoapMessage message) throws Fault {
      > Collection<AssertionInfo> ais;
      > SOAPMessage saaj = message.getContent(SOAPMessage.class);
      >
      > boolean mustUnderstand = true;
      > String actor = null;
      >
      > Obviously this makes sense in most cases, but we have some
      > intermediaries which do not understand security...
      >
      > Would you accept a patch to have this configurable, for instance by
      > creating a new property in SecurityConstants (for instance
      > ws-security.mustsunderstand) and default to true?
      >
      > Best regards,
      >
      > Oddbjørn
      >
      > ______________________________________________________________________
      > _____________________
      > Oddbjørn Heimdal
      > Accenture Technology Consulting - Security Snarøyveien 30, P.O. Box
      > 363, 1326 Lysaker, Norway
      > Mobile: +47 99 72 19 12
      > Email: oddbjorn.heimdal@accenture.com<mailto:
      > oddbjorn.heimdal@accenture.com>
      >
      >
      > ________________________________
      > This message is for the designated recipient only and may contain
      > privileged, proprietary, or otherwise confidential information. If you
      > have received it in error, please notify the sender immediately and
      > delete the original. Any other use of the e-mail by you is prohibited.
      >
      > Where allowed by local law, electronic communications with Accenture
      > and its affiliates, including e-mail and instant messaging (including
      > content), may be scanned by our systems for the purposes of
      > information security and assessment of internal compliance with Accenture policy.
      >
      >
      > ______________________________________________________________________
      > ________________
      >
      > www.accenture.com
      >


      Colm O hEigeartaigh

      Talend Community Coder
      http://coders.talend.com

      Attachments

        1. Patch_for_CXF-5079.patch
          3 kB
          Oddbjørn Heimdal

        Activity

          People

            coheigea Colm O hEigeartaigh
            oddbjorn.heimdal Oddbjørn Heimdal
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: