[
https://issues.apache.org/jira/browse/RAMPART-68?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12556887#action_12556887
]
Nandana Mihindukulasooriya commented on RAMPART-68:
---------------------------------------------------
If you want to enforce a particular reference type, you have to use one of
<sp:RequireKeyIdentifierReference ... />
<sp:RequireIssuerSerialReference ... />
<sp:RequireEmbeddedTokenReference ... />
<sp:RequireThumbprintReference ... />
element in your token assertion.
>From the WS - Security policy language specification.
<sp:RequireKeyIdentifierReference ... />
This optional element indicates that a key identifier reference is required
when referencing this token.
<sp:MustSupportReferenceKeyIdentifier/> - [Key Identifier References]
This boolean property indicates whether the initiator and recipient MUST be
able to process key-specific identifier token references. A value of 'true'
indicates that the initiator and recipient MUST be able to generate and process
such references. A value of 'false' indicates that the initiator and recipient
MUST NOT generate such references and that the initiator and recipient MAY send
a fault if such references are encountered. This property has a default value
of 'false'.
> Restrictions in key references are not working
> ----------------------------------------------
>
> Key: RAMPART-68
> URL: https://issues.apache.org/jira/browse/RAMPART-68
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Affects Versions: 1.2
> Environment: Windows XP SP2, Java 1.6, Tomcat 6.0
> Reporter: Jorge Fernández
>
> Even if I set in my service policy only this parameter
> <sp:MustSupportReferenceKeyIdentifier/>, it accepts IssuerSerialReferences.
> The sources are the same as https://issues.apache.org/jira/browse/RAMPART-64
> and https://issues.apache.org/jira/browse/RAMPART-67
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
