Hi Gary,
will it be possible to post your Rampart configuration (at the server
side) so that we can see whether this is a bug or the expected behavior ?
thanks,
nandana
On Fri, Aug 22, 2008 at 9:04 PM, Gary Snider <[EMAIL PROTECTED]>wrote:
> Right now when we send a request that has encrypted Body sub-elements
> Rampart 1.4 PolicyBasedResultsValidator line 423 throws a RampartException
> because it's only looking for the entire Body to be encrypted.
>
> Is this a known issue in Rampart/Java that it does not support encrypted
> parts in the Body?
>
> Request looks like this: Notice that we only want the content of the echo
> element encrypted.
> <soapenv:Body wsu:Id="id-9234090"
> xmlns:wsu="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> <echo:echo>
> <xenc:EncryptedData Id="EncDataId-30833902"
> Type="http://www.w3.org/2001/04/xmlenc#Content";>
> <xenc:EncryptionMethod Algorithm="
> http://www.w3.org/2001/04/xmlenc#aes256-cbc"; />
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#
> ">
> <wsse:SecurityTokenReference
> xmlns:wsse="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
> <wsse:Reference URI="#EncKeyId-21292038" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> <xenc:CipherData>
> <xenc:CipherValue>
> mYMIlDr8nwRJVwAUIOr3jIgNvSRdUmotgpZYzIPV2ww=
> </xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> </echo:echo>
> </soapenv:Body>
>
--
Nandana Mihindukulasooriya
WSO2 inc.
http://nandana83.blogspot.com/
http://www.wso2.org
