Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-119

Invalid behavior when empty <sp:SignedParts/> element present in the policy

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.3
    • Fix Version/s: 1.5.1
    • Component/s: rampart-core
    • Labels:
      None

      Description

      According to the ws - security policy specification 1.1 , 5.1.1 Signed Parts Assertion

      This assertion specifies the parts of the message that need integrity protection. If no child elements are specified, all message headers targeted at the UltimateReceiver role [SOAP12] or actor [SOAP11] and the body of the message MUST be integrity protected.

      So for an empty signed parts element, we have to sign all the message headers. At current we don't sign any header if signed parts element is empty.

        Attachments

        1. RAMPART-119.patch
          6 kB
          Thilina Buddhika
        2. RAMPART119.patch
          7 kB
          Thilina Buddhika

          Activity

            People

            • Assignee:
              shankar S.Uthaiyashankar
              Reporter:
              nandana.cse Nandana Mihindukulasooriya
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: