[
https://issues.apache.org/jira/browse/RAMPART-28?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12483932
]
Angel Todorov commented on RAMPART-28:
--------------------------------------
Hi Ruchith,
What makes you think UsernameToken is not a SOAP header? In my opinion it is a
perfectly valid SOAP header, and any SOAP-compliant engine should process it
correctly. The same for Timestamp, ReplyTo, and so on. It is very important
that these headers be signed and / or encrypted. Could you clarify what exactly
you mean? Is there any predefined "standard" set of SOAP Headers that can only
be processed ?
Thanks.
Regards,
Angel
> Cannot add parts of the header for encryption
> ---------------------------------------------
>
> Key: RAMPART-28
> URL: https://issues.apache.org/jira/browse/RAMPART-28
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.1
> Environment: Windows XP Pro, Apache Axis2 1.1.1 , Rampart 1.1 ,
> Tomcat 5.5.23
> Reporter: Angel Todorov
> Assigned To: Dimuthu Leelarathne
> Fix For: 1.2
>
>
> Hi,
> I am trying to add parts of the header as subelement of "EncryptedParts", in
> a policy definition for rampart. The problem is that this does not have any
> effect. The parts in the header which mark for encryption are not encrypted.
> Example:
> <sp:EncryptedParts
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
> <sp:Body/>
> <sp:Header
> sp:Name="UsernameToken"
> sp:Namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
> </sp:EncryptedParts>
> Thanks very much for your feedback.
> Regards,
> Angel
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
