Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-421

Handling of WS-Policy <sp:ContentEncryptedElements /> is not working properly

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.6.2, 1.7.0
    • Fix Version/s: None
    • Labels:
      None

      Description

      Using following peace of WS policy is not working as expected. The observed problems are described beneath

      <sp:ContentEncryptedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
      <sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader</sp:XPath>
      <sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader2</sp:XPath>
      </sp:ContentEncryptedElements>

      1. Serialization of policy above omits declared namespace declarations in scope of XPath element. For contrast serialization of sp:EncryptedElements takes into account XPtah namespaces when being serialized.

      2. In case when only sp:ContentEncryptedElements and no other signed/encrypted parts or elements is used in the policy then checking whether security header is required in incoming message in RampartUtil.isSecHeaderRequired doesn't take into account ContentEncryptedElements collection size which leads to an error later on.
      See attached policy for reference.

        Attachments

        1. content-encr-policy.txt
          4 kB
          Detelin Hadzhiev

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              d_hadzhiev Detelin Hadzhiev
            • Votes:
              4 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: