[RAMPART-278] PolicyBasedResultsValidator throws exception when headers encrypted before signing. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.6.0
Component/s: rampart-core
Labels:
None

Description

PolicyBasedResultsValidator uses wsu:Id of signed elements to validate that headers were signed. If header was encrypted before signing, wsu:Id is id on EncryptedHeader element, which was detached from header by WSS4J and replaced with the decrypted header. Consequently the check fails and validator incorrectly throws an exception.

Also RampartUtil excludes child text nodes when converting soap header blocks, i.e. a header block with a single child text node would be incorrectly converted to an empty header block. See attached patch for painless fix to both problems.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SignedEncryptedHeaders.patch
16/Jan/10 20:00
5 kB
todd wolff

Activity

People

Assignee:: Dimuthu Leelarathne

Reporter:: todd wolff

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 16/Jan/10 19:57

Updated:: 19/Oct/11 18:51

Resolved:: 23/Dec/10 05:54