Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-5083

Failure in checkEndorsed() when timestamp is not signed with EndorsingSupportingTokens

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 2.7.5
    • 2.7.5
    • WS-* Components
    • None
    • All platforms

    • Moderate

    Description

      In AbstractSupportingTokenPolicyValidator.java, the checkEndorsed() method is failing when TLS is used and timestamp is not signed. In my scenario, I am using EndorsingSupportingTokens with SymmetricBinding and the client request is sent over SSL, so TLS is used. The problem is the SOAP request generated does not have timestamp signed, it only has <ds:Signature> signed, but the checkEndorsed routine is failing as it requires timestamp to be signed with TLS is in use.

      I am not sure if this problem will be fixed by CXF-5056.

      Attachments

        1. SymEndorsingPolicy.xml
          2 kB
          Syed Abdul Wadood

        Issue Links

          Activity

            People

              coheigea Colm O hEigeartaigh
              sawadood Syed Abdul Wadood
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 48h
                  48h
                  Remaining:
                  Remaining Estimate - 48h
                  48h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified