I checked the behavior of Glassfish Metro web services runtime (v 2.3)
using the same security policy and it matches the one of Apache Rampart,
i.e. the response contains a single signature over the timestamp element.
I'm attaching the respective request and response messages for reference.
Deteli
On 24/07/14 13:34, iris ding wrote:
I think we can make it follow below two rules:
1. If the parameterType is not an Interface, just ignore the method.
2. Scan available providers to make sure there is one provider who can deal
with the parametertype, otherwise, just ignore it as well.
Yes, 1. c
I think we can make it follow below two rules:
1. If the parameterType is not an Interface, just ignore the method.
2. Scan available providers to make sure there is one provider who can deal
with the parametertype, otherwise, just ignore it as well.
any thoughts?
Iris Ding
--
View this messa
OK, thanks for the clarification...
Note, there's some weakness in the current approach to do with the proxy
being injected for custom interfaces even if no provider for a given
non-standard interface exists, something that Andrey was working upon.
At the moment, in such cases, NPE will be thr
