[CXF-5083] Failure in checkEndorsed() when timestamp is not signed with EndorsingSupportingTokens - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Duplicate
Affects Version/s: 2.7.5
Fix Version/s: 2.7.5
Component/s: WS-* Components
Labels:
None
Environment:

All platforms

Estimated Complexity:
Moderate

Description

In AbstractSupportingTokenPolicyValidator.java, the checkEndorsed() method is failing when TLS is used and timestamp is not signed. In my scenario, I am using EndorsingSupportingTokens with SymmetricBinding and the client request is sent over SSL, so TLS is used. The problem is the SOAP request generated does not have timestamp signed, it only has <ds:Signature> signed, but the checkEndorsed routine is failing as it requires timestamp to be signed with TLS is in use.

I am not sure if this problem will be fixed by ~~CXF-5056~~.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SymEndorsingPolicy.xml
17/Jun/13 14:28
2 kB
Syed Abdul Wadood

Issue Links

is a clone of

CXF-5056 EndorsingSupportingTokens with both transport security and message layer security applied

Closed

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Syed Abdul Wadood

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 17/Jun/13 14:12

Updated:: 14/Aug/13 15:50

Resolved:: 17/Jun/13 14:21

Time Tracking

Estimated:

48h

Remaining:

48h

Logged:

Not Specified