Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-2639

Expose Cryptographic coverage checking code from PolicyBasedWSS4JInInterceptor in a non-WS-Policy based interceptor

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 2.3
    • 2.2.8, 2.3
    • WS-* Components
    • None

    Description

      In some cases, manual configuration of security profile/policy is necessary. In one particular example, I would like to validate cryptographic coverage of a SOAP message while using a traditionally/manually configured interceptor chain. The existing code that enforces such coverage is only accessible to PolicyBasedWSS4JInInterceptor and cannot be reused. Additionally, this code is affected by CXF-2638.

      The solution could be a class that holds XPath expressions for the different types of required cryptographic coverage and can be injected into a a simple interceptor that is usable without policy based configuration.

      Attachments

        Issue Links

          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. CXF-2638 WS-SecurityPolicy SignedElements, SignedParts, EncryptedParts, EncryptedElements, and ContentEncryptedElements assertions incorrectly verified

          • Major - Major loss of function.
          • Closed

          Activity

            People

              davaleri David Valeri
              davaleri David Valeri
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: