[RAMPART-421] Handling of WS-Policy <sp:ContentEncryptedElements /> is not working properly - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.6.2, 1.7.0
Fix Version/s: 2.0.0
Component/s: rampart-core, rampart-policy
Labels:
None

Description

Using following peace of WS policy is not working as expected. The observed problems are described beneath

<sp:ContentEncryptedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader</sp:XPath>
<sp:XPath xmlns:SOAP="http://www.w3.org/2003/05/soap-envelope" xmlns:HDR1="urn:mynamespace">/SOAP:Envelope/SOAP:Header/HDR1:TestHeader2</sp:XPath>
</sp:ContentEncryptedElements>

1. Serialization of policy above omits declared namespace declarations in scope of XPath element. For contrast serialization of sp:EncryptedElements takes into account XPtah namespaces when being serialized.

2. In case when only sp:ContentEncryptedElements and no other signed/encrypted parts or elements is used in the policy then checking whether security header is required in incoming message in RampartUtil.isSecHeaderRequired doesn't take into account ContentEncryptedElements collection size which leads to an error later on.
See attached policy for reference.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

content-encr-policy.txt
12/Nov/14 11:53
4 kB
Detelin Hadzhiev

Activity

People

Assignee:: Robert Lazarski

Reporter:: Detelin Hadzhiev

Votes:: 4 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 12/Nov/14 11:51

Updated:: 6 days ago 19:59