[
https://issues.apache.org/activemq/browse/SM-1897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=54680#action_54680
]
Trudi Ersvaer commented on SM-1897:
-----------------------------------
Hi Jean-Baptiste,
Thanks for looking into this issue.
I've had a bit more of a play with it, but I don't seem to get it to work. Let
me try to explain my problem some more.
I have a namespace of: urn:/copy.wsdl
My WSDL defines a service named: copyServiceService
In security.xml I had the authZ entry as:
<sm:authorizationEntry service="{urn:/copy.wsdl}:copyServiceService"
roles="superuser" />
After reading the link you supplied (thanks) I change the authZ entry to:
<sm:authorizationEntry service="{urn:/copy.wsdl}copyServiceService"
roles="superuser" />
(I've removed the colon after the last brace).
In both cases above I don't get a stacktrace, but I do get an INFO log:
Illegal repetition
{urn
When I stop the debugger in SecuredBroker I see the following (note the
additional braces):
authorizationEntries = {java.util.arrayl...@1135} size = 1
[0] =
{org.apache.servicemix.jbi.security.acl.impl.authorizationen...@1145}"AuthorizationEntry[service={{urn}/copy.wsdl}copyServiceService,
endpoint=null, roles=superuser]"
So even if I didn't get the INFO message above, the service namespace would not
match because of the additional braces.
Is my authZ entry still incorrect?
Btw, I am using a CXF consumer with WSS interceptors. And SoapUI correctly
adds the WSS credentials to the incoming message (observed via TCPMON).
Trudi Ersvaer
CA
Sr Software Engineer
Tel: +61 3 99446629
[email protected]
> authorizationEntry service namespace can't be a urn
> ---------------------------------------------------
>
> Key: SM-1897
> URL: https://issues.apache.org/activemq/browse/SM-1897
> Project: ServiceMix
> Issue Type: Bug
> Affects Versions: 3.3.1
> Environment: Windows XP Pro.
> Java 1.6.0_12
> Reporter: Trudi Ersvaer
>
> In security.xml the authorizationEntry's service attribute seems not to cope
> with a urn namespace.
> For example, I've replaced the existing authorization entry (in security.xml)
> with a new one:
> service="{urn:/addsource.wsdl}:addsourceService" roles="superuser"
> The problem with this is that I get a PatternSyntaxException because the
> service name is translated into (I can see this in the debugger):
> {{urn}/addsource.wsdl}:addsourceService
> When I removed the braces from the service name in security.xml for example:
> service="urn:/addsource.wsdl:addsourceService" roles="superuser"
> the service still doesn't match because the service name is transated into
> (again viewed in the debugger):
> {urn}/addsource.wsdl:addsourceService
> If I change all my namespaces to:
> xxx
> and in security.xml changed the service name to:
> xxx:addsourceService
> finally the service matched and authZ works.
>
> Any ideas why the authorizationEntry isn't coping with a urn namespace?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
