Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
3.0.3, 2.7.14
-
None
-
Unknown
Description
There is a bug in the WS-SecurityPolicy layer in CXF when matching a request message against a Signed/Encrypted Elements security policy with multiple XPath expressions. The namespace/prefixes are only read from the first XPath policy, meaning that if the second or subsequent policy uses a different prefix that isn't in scope, the policy validation will fail.