[WSS-542] Secure Conversation Renew is missing Instance creation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 2.0.4, 2.1.1
Fix Version/s: 2.0.5, 2.1.2
Component/s: None
Labels:
None

Description

Secure Conversation Renew is not working from a .NET client because <ws:Instance> is missing in the SecurityContextToken.

Reading into the standard here -> http://docs.oasis-open.org/ws-sx/ws-secureconversation/v1.4/os/ws-secureconversation-1.4-spec-os.html
says the following:
"The initial issuance need not contain a wsc:Instance element, however, all subsequent issuances with different keys MUST have a wsc:Instance element with a unique value."

Also a reference seems to be required in the SecurityTokenRefernce according to this:
"If a specific key instance needs to be referenced, then the global attribute wsc:Instance is included in the <wsse:Reference> sub-element (only when using <wsc:Identifier> references)"

The attached patch works for us

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

wss4j-sct-with-instance.patch
19/Jun/15 17:11
3 kB
Freddy Exposito

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Freddy Exposito

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 19/Jun/15 17:10

Updated:: 17/Jul/15 17:09

Resolved:: 22/Jun/15 10:32