Uploaded image for project: 'Rampart'
  1. Rampart
  2. RAMPART-426

Rampart has no support for handling actor/role attribute in the Security header

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.6.2
    • Fix Version/s: None
    • Component/s: rampart-core
    • Labels:
    • Flags:
      Patch

      Description

      According to the WS-Security specification:

      "The <wsse:Security> header block provides a mechanism for attaching security-related information targeted at a specific recipient in the form of a SOAP actor/role."

      <wsse:Security S11:actor="..." S11:mustUnderstand="..."/>

      Currently, Rampart is far from full support for actor/role.

      • RampartEngine has a bare support, taking the 'actor' attribute from a random Security header.In addition, in SOAP 1.2, the 'actor' attribute is renamed to 'role', which is not handled by the RampartEngine.
      • Rampart message builders has no support for actor/role.
      • Rampart configuration has no support for actor/role also

      WSS4J has support for actor/role and such could easily be added in Rampart.Proper configuration should be added and actor/role values should be propagated to WSS4J.

        Attachments

        1. actor.patch
          103 kB
          Boris Dushanov

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              b.dushanov Boris Dushanov
            • Votes:
              6 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: