[
https://issues.apache.org/jira/browse/CXF-8986?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andriy Redko resolved CXF-8986.
-------------------------------
Resolution: Not A Problem
> Ws-security-policy: if more policies are used in the same JVM, their
> algorithm suites influence each other
> ----------------------------------------------------------------------------------------------------------
>
> Key: CXF-8986
> URL: https://issues.apache.org/jira/browse/CXF-8986
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 4.0.4
> Reporter: Jiri Ondrusek
> Priority: Major
>
> I'm fixing some tests in quarkus-cxf and I found a behavior which seems to be
> not desired. On the other hand I might be missing some information and this
> behavior is expected.
> Reproducer:
> # Clone and build
> [https://github.com/JiriOndrusek/quarkus-cxf/tree/suite-influence-reprodocer]
> # Run (with remote debug)
> {code:java}
> ./mvnw clean test -f integration-tests/ws-security-policy
> -Dtest="EncryptSignPolicyTest#helloEncryptSign" -Dmaven.surefire.debug{code}
> Check value of effectivePolicy in this line
> [https://github.com/apache/cxf/blob/main/rt/ws/policy/src/main/java/org/apache/cxf/ws/policy/PolicyOutInterceptor.java#L98]
> Look into
> {code:java}
> effectivePolicy->policy->policyComponents->exactlyOne->policyComponents->all->policyComponents->asymmetricBinding->alghoritnSuite->alghorithSuiteType{code}
> Value is *Basic256*
> # Run different test by this command
> {code:java}
> ./mvnw clean test -f integration-tests/ws-security-policy
> -Dtest="CustomEncryptSignPolicyTest#helloDefaultCustomValues"
> -Dmaven.surefire.debug{code}
> Debug the same place and you can see, that the alghoritmSuiteType is
> *CustomAlgorithmSuite*
> # Now run both tests together by
> {code:java}
> ./mvnw clean test -f integration-tests/ws-security-policy
> -Dtest="EncryptSignPolicyTest#helloEncryptSign,CustomEncryptSignPolicyTest#helloDefaultCustomValues"
> -Dmaven.surefire.debug{code}
> The first breakpoint is triggered by
> {code:java}
> CustomEncryptSignPolicyTest#helloDefaultCustomValues{code}
> and you can see hat the alghoritmSuiteType is *CustomAlgorithmSuite*
> The second breakpoint belongs to
> {code:java}
> EncryptSignPolicyTest#helloEncryptSign{code}
> , but the value in the efectivePolicy->..->asymmetricBinding is
> *CustomAlgorithmSuite*
> This is wrong, the correct value should be *Basic256*
> I changed test `CustomEncryptSignPolicyTest#helloDefaultCustomValues` to use
> *Basic128Rsa15* (to verify that the culprit is not the customAlgorithmSuite)
> and the result was wrong as with default values.
> Single execution showed *Basic128Rsa15* or *Basic256* (depends on the test),
> but execution of both tests showed *Basic128Rsa15* in both cases.
> I think that the behavior is wrong. I have a test suite running on FIPS
> machine. If tests are executed alone all works correctly (some tests asserts
> success, some tests asserts failure). If I run tests together, the tests
> which should fail, are successful.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
