[
https://issues.apache.org/jira/browse/RAMPART-146?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nandana Mihindukulasooriya resolved RAMPART-146.
------------------------------------------------
Resolution: Fixed
Fixed in revision 649150.
http://svn.apache.org/viewvc?view=rev&revision=649150
> The exact elements that are equired to be encrypted are not validated
> ---------------------------------------------------------------------
>
> Key: RAMPART-146
> URL: https://issues.apache.org/jira/browse/RAMPART-146
> Project: Rampart
> Issue Type: Bug
> Reporter: Dobri Kitipov
> Assignee: Ruchith Udayanga Fernando
>
> Hi everybody,
> currently I am researching how Rampart is validating and verifying the
> secured artifacts. Let me give you a sample scenario. Let's say we have a WS
> which policy defines that a specific <sp:EncryptedElements/> should be
> encrypted (corresponding to a given XPath expression). I am interested in
> understanding the mechanism that is used to verify that the incoming message
> has encrypted exactly that <sp:EncryptedElements/> with the given specific
> XPath expression, but not something else.
> At the moment seems like we do not validate the exact elements that are
> required to be encrypted.
> Ruchith commented out:
> IMHO we will have to improve the
> org.apache.ws.security.processor.ReferenceListProcessor to include the
> decrypted element information (in addition to the ref URI) for rampart to be
> able to validate the encrypted parts correctly.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
