[
https://issues.apache.org/jira/browse/CXF-1436?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Kulp resolved CXF-1436.
------------------------------
Resolution: Fixed
Fix Version/s: (was: 2.1)
2.0.5
> Error in WS-Security 1.1 Signature Confirmation handling
> --------------------------------------------------------
>
> Key: CXF-1436
> URL: https://issues.apache.org/jira/browse/CXF-1436
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.1
> Reporter: Colm O hEigeartaigh
> Assignee: Daniel Kulp
> Priority: Minor
> Fix For: 2.0.5
>
> Attachments: sigconf.patch
>
>
> WS-Security 1.1 Signature Confirmation is a mechanism whereby a receiver of a
> signed SOAP message attaches a "SignatureConfirmation" blob in the responding
> SOAP message containing the signature that was received. In this way the
> initiator knows that the signature was received correctly.
> In CXF, support for signature confirmation is provided via the
> WSS4J*Interceptors. However, there's a minor boolean bug in the
> WSS4JOutInterceptor that mixes up the roles of the requestor and the
> responder, and hence this feature is broken.
> See attached patch for fix and unit test.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
