[
https://issues.apache.org/jira/browse/RAMPARTC-20?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Malinda Kaushalye Kapuruge resolved RAMPARTC-20.
------------------------------------------------
Resolution: Invalid
Fix Version/s: 1.0.0
This verification is not strict for the encryption. Please see the signature
scenario where it throws a fault back to the client.
> Even when client fails due to invalid policy files, the server sends
> successful soap message as the reply
> ---------------------------------------------------------------------------------------------------------
>
> Key: RAMPARTC-20
> URL: https://issues.apache.org/jira/browse/RAMPARTC-20
> Project: Rampart/C
> Issue Type: Bug
> Components: Rampart-core
> Environment: Windows XP
> Reporter: Evanthika Amarasiri
> Assignee: Malinda Kaushalye Kapuruge
> Fix For: 1.0.0
>
>
> Below are the steps to reproduce the issue
> 1. Used policy files with the following configurations
> policy.xml
> ========
> <wsp:Policy>
> <sp:MustSupportRefKeyIdentifier/>
> <!--sp:MustSupportRefEmbeddedToken/>
> <sp:MustSupportRefIssuerSerial/-->
> </wsp:Policy>
> services.xml
> ==========
> <wsp:Policy>
> <!--sp:MustSupportRefKeyIdentifier/>
> <sp:MustSupportRefEmbeddedToken/-->
> <sp:MustSupportRefIssuerSerial/>
> </wsp:Policy>
> 2. When a request is sent, the client fails but when viewed through TCPMon,
> you can see that a reply is sent from the server
> This is incorrect. Since the server does not support
> <sp:MustSupportRefKeyIdentifier/>, a fault should be sent from the server
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
