Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Not A Problem
-
4.0.4
-
None
-
None
-
Unknown
Description
I'm fixing some tests in quarkus-cxf and I found a behavior which seems to be not desired. On the other hand I might be missing some information and this behavior is expected.
Reproducer:
- Clone and build https://github.com/JiriOndrusek/quarkus-cxf/tree/suite-influence-reprodocer
- Run (with remote debug)
./mvnw clean test -f integration-tests/ws-security-policy -Dtest="EncryptSignPolicyTest#helloEncryptSign" -Dmaven.surefire.debug
Check value of effectivePolicy in this line https://github.com/apache/cxf/blob/main/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyOutInterceptor.java#L98
Look intoeffectivePolicy->policy->policyComponents->exactlyOne->policyComponents->all->policyComponents->asymmetricBinding->alghoritnSuite->alghorithSuiteType
Value is Basic256
- Run different test by this command
./mvnw clean test -f integration-tests/ws-security-policy -Dtest="CustomEncryptSignPolicyTest#helloDefaultCustomValues" -Dmaven.surefire.debug
Debug the same place and you can see, that the alghoritmSuiteType is CustomAlgorithmSuite
- Now run both tests together by
./mvnw clean test -f integration-tests/ws-security-policy -Dtest="EncryptSignPolicyTest#helloEncryptSign,CustomEncryptSignPolicyTest#helloDefaultCustomValues" -Dmaven.surefire.debug
The first breakpoint is triggered by
CustomEncryptSignPolicyTest#helloDefaultCustomValues
and you can see hat the alghoritmSuiteType is CustomAlgorithmSuite
The second breakpoint belongs toEncryptSignPolicyTest#helloEncryptSign
, but the value in the efectivePolicy->..->asymmetricBinding is CustomAlgorithmSuite
This is wrong, the correct value should be Basic256
I changed test `CustomEncryptSignPolicyTest#helloDefaultCustomValues` to use Basic128Rsa15 (to verify that the culprit is not the customAlgorithmSuite) and the result was wrong as with default values.
Single execution showed Basic128Rsa15 or Basic256 (depends on the test), but execution of both tests showed Basic128Rsa15 in both cases.
I think that the behavior is wrong. I have a test suite running on FIPS machine. If tests are executed alone all works correctly (some tests asserts success, some tests asserts failure). If I run tests together, the tests which should fail, are successful.