Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Duplicate
-
2.7.5
-
None
-
All platforms
-
Moderate
Description
In AbstractSupportingTokenPolicyValidator.java, the checkEndorsed() method is failing when TLS is used and timestamp is not signed. In my scenario, I am using EndorsingSupportingTokens with SymmetricBinding and the client request is sent over SSL, so TLS is used. The problem is the SOAP request generated does not have timestamp signed, it only has <ds:Signature> signed, but the checkEndorsed routine is failing as it requires timestamp to be signed with TLS is in use.
I am not sure if this problem will be fixed by CXF-5056.
Attachments
Attachments
Issue Links
- is a clone of
-
CXF-5056 EndorsingSupportingTokens with both transport security and message layer security applied
- Closed