[xfire-dev] [jira] Created: (XFIRE-752) WSS4JInHandler.checkReceiverResults(Vector, Vector), requires that Vector params are in the same order

Mon, 13 Nov 2006 15:43:33 -0800 

WSS4JInHandler.checkReceiverResults(Vector, Vector), requires that Vector 
params are in the same order
------------------------------------------------------------------------------------------------------

                 Key: XFIRE-752
                 URL: http://jira.codehaus.org/browse/XFIRE-752
             Project: XFire
          Issue Type: Bug
    Affects Versions: 1.2.2
         Environment: (Shouldn't be important but here it is anyway) Tomcat 
5.0.28, Windows XP SP 2, Java 1.5.0_09
            Reporter: Nick West
         Assigned To: Dan Diephouse
         Attachments: ws-security_checkReceiverResults.zip

WSS4JInHandler.checkReceiverResults(Vector, Vector) expects that the first 
Vector, wsResult, of WSSecurityEngineResult are in the same order as the passed 
in Vector, actions, Integers are in the same order.  This causes problems when 
calling a WS from .NET which uses WSE2.0 as the timestamp isn't always in the 
order that you would expect it to be causing a "WSS4JInHandler: security 
processing failed (actions mismatch)" exception to be thrown.

A related note, it appears someone else was/is having the same issue (see the 
middle post)
http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200512.mbox/[EMAIL 
PROTECTED]

My proposed solution would be make the method checkReceiverResults not care 
about the order of the vectors passed in, here is some code that fixes the 
problem:

        protected boolean checkReceiverResults(Vector wsResult, Vector actions) 
{
                int resultActions = wsResult.size();
                
                for (int i = 0; i < resultActions; i++) {
                        int act = ((WSSecurityEngineResult) 
wsResult.get(i)).getAction();
                        if (act == WSConstants.SC) {
                                continue;
                        }
                        
                        if(!actions.contains(new Integer(act))){
                                return false;
                        }
                }
                return true;
        }

Also attached is a modified book security example found in the xfire examples 
section.  If you run the main method it will demonstrate this bug, then 
exercise the proposed bug fix


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe from this list please visit:

    http://xircles.codehaus.org/manage_email

Reply via email to