Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-211

WSS4J does not support ThumbprintSHA1 in DerivedKeyTokens

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.5.8
    • 1.5.9, 1.6
    • WSS4J Core
    • None

    Description

      WSS4J cannot process DerivedKeyTokens like this:

      <wsc:DerivedKeyToken>
      <wsse:SecurityTokenReference>
      <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/
      01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://do
      cs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">bg6I82
      67h0TUcPYvYE0D6k6+UJQ=</wsse:KeyIdentifier>
      </wsse:SecurityTokenReference>
      <wsc:Length>32</wsc:Length>
      <wsc:Nonce>DIy2yeX+w4hX4WUVb6noCQ+XCCA=</wsc:Nonce>
      </wsc:DerivedKeyToken>

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            coheigea Colm O hEigeartaigh
            coheigea Colm O hEigeartaigh
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment