[
https://issues.apache.org/jira/browse/RAMPARTC-124?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Dimuthu Gamage updated RAMPARTC-124:
------------------------------------
Description:
Currently in the username token scenario Rampart Servers send the response with
empty security headers (setting musUnderstand=1), even when the policy doesn't
imply any security in response. SO Rampart/Java skip the security processing
and claim the "it doesn't unserstant mustUnderstand=1 header.
This is a bug in Rampart/C to send empty security headers in the response
was:
Currently in the username token scenario Rampart Servers send the response with
empty security headers (setting musUnderstand=1), even when the policy doesn't
imply any security in response. SO Rampart/Java skip the security processing
and claim the "it doesn't unserstant mustUnderstand=1 header.
This is a bug in Rampart/Java to send empty security headers in the response
> Interoperability issue with Rampart/Java in Rampart/C in username token
> scenario
> --------------------------------------------------------------------------------
>
> Key: RAMPARTC-124
> URL: https://issues.apache.org/jira/browse/RAMPARTC-124
> Project: Rampart/C
> Issue Type: Bug
> Components: Rampart-core
> Affects Versions: 1.2.0
> Environment: Linux + window
> Reporter: Dimuthu Gamage
> Assignee: S.Uthaiyashankar
> Fix For: Next Version
>
>
> Currently in the username token scenario Rampart Servers send the response
> with empty security headers (setting musUnderstand=1), even when the policy
> doesn't imply any security in response. SO Rampart/Java skip the security
> processing and claim the "it doesn't unserstant mustUnderstand=1 header.
> This is a bug in Rampart/C to send empty security headers in the response
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
