[CXF-6468] Secure Conversation Renew is missing Instance creation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.0.5, 3.1.1
Fix Version/s: 3.0.6, 3.1.2
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

Secure Conversation Renew is not working from a .NET client because <ws:Instance> is missing in the SecurityContextToken.
Reading into the standard here -> http://docs.oasis-open.org/ws-sx/ws-secureconversation/v1.4/os/ws-secureconversation-1.4-spec-os.html

says the following:
"The initial issuance need not contain a wsc:Instance element, however, all subsequent issuances with different keys MUST have a wsc:Instance element with a unique value."
Also a reference seems to be required in the SecurityTokenRefernce according to this:
"If a specific key instance needs to be referenced, then the global attribute wsc:Instance is included in the <wsse:Reference> sub-element (only when using <wsc:Identifier> references)"
The attached patch works for us

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

cxf-sct-with-instance.patch
19/Jun/15 17:19
5 kB
Freddy Exposito

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Freddy Exposito

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 19/Jun/15 17:19

Updated:: 14/Oct/16 14:28

Resolved:: 22/Jun/15 11:40