[jira] Created: (RAMPART-84) "SupportingTokens" Token Inop for Asymetric Binding (Sign before Encrypt)

Sun, 09 Sep 2007 21:12:57 -0700 

"SupportingTokens" Token Inop for Asymetric Binding (Sign before Encrypt)
-------------------------------------------------------------------------

                 Key: RAMPART-84
                 URL: https://issues.apache.org/jira/browse/RAMPART-84
             Project: Rampart
          Issue Type: Bug
          Components: rampart-core
    Affects Versions: 1.3
         Environment: Axis2-1.3 Rampart 1.3 Windows
            Reporter: Jon Hanshew
            Priority: Minor
             Fix For: 1.3


Added UserToken from the SignedSupportingToken from Policy Sample01 to 
Sample02.  Everything worked OK.  Changed SignedSupportingToken to 
SupportingToken.  Got failure.  Modified AsymmetricBindingBuilder.java to make 
Sign-Before-Encrypt processing match Encrypt-Before-Signing processing as 
described in the attached code fragment shown below.  Seemed to fix the problem.

Question:  Should SignedSupportingToken processing be the same as 
SupportingToken processing?  Both flavors seems to produce the same encrypted 
UsernameToken.

current:

if (rmd.isInitiator()) {

                // Now add the supporting tokens
                SupportingToken sgndSuppTokens = rpd
                        .getSignedSupportingTokens();

                sigSuppTokMap = this
                        .handleSupportingTokens(rmd, sgndSuppTokens);

                SupportingToken endSuppTokens = rpd
                        .getEndorsingSupportingTokens();

                endSuppTokMap = this.handleSupportingTokens(rmd, endSuppTokens);

                SupportingToken sgndEndSuppTokens = rpd
                        .getSignedEndorsingSupportingTokens();

                sgndEndSuppTokMap = this.handleSupportingTokens(rmd,
                        sgndEndSuppTokens);
                 

                // Setup signature parts
                sigParts = addSignatureParts(sigSuppTokMap, sigParts);
                sigParts = addSignatureParts(sgndEndSuppTokMap, sigParts);
            } else {

as modified:

if (rmd.isInitiator()) {

                // Now add the supporting tokens
                SupportingToken sgndSuppTokens = rpd
                        .getSignedSupportingTokens();

                sigSuppTokMap = this
                        .handleSupportingTokens(rmd, sgndSuppTokens);

                SupportingToken endSuppTokens = rpd
                        .getEndorsingSupportingTokens();

                endSuppTokMap = this.handleSupportingTokens(rmd, endSuppTokens);

                SupportingToken sgndEndSuppTokens = rpd
                        .getSignedEndorsingSupportingTokens();

                sgndEndSuppTokMap = this.handleSupportingTokens(rmd,
                        sgndEndSuppTokens);

                // Added ...
                SupportingToken supportingToks = rpd.getSupportingTokens();
                this.handleSupportingTokens(rmd, supportingToks);
                

                // Setup signature parts
                sigParts = addSignatureParts(sigSuppTokMap, sigParts);
                sigParts = addSignatureParts(sgndEndSuppTokMap, sigParts);
            } else {




-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to