Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-389

RampartException: "Unexpected signature" thrown on client side when the service policy requires SignatureConfirmation and it is the only signed element.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.6.2
    • Fix Version/s: None
    • Component/s: rampart-core
    • Labels:

      Description

      When validating signed parts the PolicyBasedResultsValidator does not handle SignatureConfirmation when receiving the service response. According to the security policy specification the wsse11:SignatureConfirmation element should be covered by the message signature, but rampart validator fails with "Unexpected signature" in case the SignatureConfirmation is the only signed thing in the response message, because it is not added to the list of expected signed parts/elements.

        Attachments

        1. SignatureConfirmationPatch.txt
          0.8 kB
          Stefan Vladov
        2. SignatureConfirmationPolicy.xml
          2 kB
          Stefan Vladov

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              chefo Stefan Vladov
            • Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: