[jira] [Commented] (RAMPART-448) NullPointerException in RampartUtil.setKeyIdentifierType() when signing response

[ https://issues.apache.org/jira/browse/RAMPART-448?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17894901#comment-17894901 ] Robert Lazarski commented on RAMPART-448: - The code finds a X509 cert it wants t

[jira] [Assigned] (RAMPART-289) PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens

[ https://issues.apache.org/jira/browse/RAMPART-289?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-289: --- Assignee: Robert Lazarski > PolicyBasedResultsValidator Incorrectly Invalidates Sup

[jira] [Updated] (RAMPART-289) PolicyBasedResultsValidator Incorrectly Invalidates Supporting Token Signatures/Encryptions and Encrypted Supporting Tokens

[ https://issues.apache.org/jira/browse/RAMPART-289?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-289: Fix Version/s: 1.8.0 > PolicyBasedResultsValidator Incorrectly Invalidates Supporting Toke

[jira] [Updated] (RAMPART-302) KeyInfo is extracted from a SAML token assuming that only an authentication statement or an attribute statement can be present in SAML token

[ https://issues.apache.org/jira/browse/RAMPART-302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-302: Fix Version/s: 2.0.0 > KeyInfo is extracted from a SAML token assuming that only an authen

[jira] [Assigned] (RAMPART-302) KeyInfo is extracted from a SAML token assuming that only an authentication statement or an attribute statement can be present in SAML token

[ https://issues.apache.org/jira/browse/RAMPART-302?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-302: --- Assignee: Robert Lazarski > KeyInfo is extracted from a SAML token assuming that on

[jira] [Resolved] (RAMPART-287) Supporting Tokens Not Encrypted When Protection Order is Encrypt Before Signing

[ https://issues.apache.org/jira/browse/RAMPART-287?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-287. - Resolution: Fixed This was applied back in 2017 and should be part of 1.7.1. > Support

[jira] [Resolved] (RAMPART-282) invalid XML sent when Rampart is enabled

[ https://issues.apache.org/jira/browse/RAMPART-282?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-282. - Resolution: Fixed Seems to have been fixed a long time ago - please re-open if not. >

[jira] [Updated] (RAMPART-286) Support for WS Policy optionality on WS Security assertions

[ https://issues.apache.org/jira/browse/RAMPART-286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-286: Fix Version/s: 2.0.0 > Support for WS Policy optionality on WS Security assertions > -

[jira] [Assigned] (RAMPART-286) Support for WS Policy optionality on WS Security assertions

[ https://issues.apache.org/jira/browse/RAMPART-286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-286: --- Assignee: Robert Lazarski > Support for WS Policy optionality on WS Security assert

[jira] [Resolved] (RAMPART-448) NullPointerException in RampartUtil.setKeyIdentifierType() when signing response

[ https://issues.apache.org/jira/browse/RAMPART-448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-448. - Resolution: Fixed > NullPointerException in RampartUtil.setKeyIdentifierType() when sign

[jira] [Assigned] (RAMPART-261) Ability to Toggle "mustUnderstand" flag in security header.

[ https://issues.apache.org/jira/browse/RAMPART-261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-261: --- Assignee: Robert Lazarski > Ability to Toggle "mustUnderstand" flag in security hea

[jira] [Updated] (RAMPART-261) Ability to Toggle "mustUnderstand" flag in security header.

[ https://issues.apache.org/jira/browse/RAMPART-261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-261: Fix Version/s: 1.8.0 > Ability to Toggle "mustUnderstand" flag in security header. > -

[jira] [Resolved] (RAMPART-325) NullPointerException with UsernameToken Policy and MTOM Policy without Rampart Config in WSDL

[ https://issues.apache.org/jira/browse/RAMPART-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-325. - Resolution: Fixed > NullPointerException with UsernameToken Policy and MTOM Policy witho

[jira] [Assigned] (RAMPART-325) NullPointerException with UsernameToken Policy and MTOM Policy without Rampart Config in WSDL

[ https://issues.apache.org/jira/browse/RAMPART-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-325: --- Assignee: Robert Lazarski > NullPointerException with UsernameToken Policy and MTOM

[jira] [Updated] (RAMPART-325) NullPointerException with UsernameToken Policy and MTOM Policy without Rampart Config in WSDL

[ https://issues.apache.org/jira/browse/RAMPART-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-325: Fix Version/s: 1.8.0 > NullPointerException with UsernameToken Policy and MTOM Policy with

[jira] [Assigned] (RAMPART-411) Unable to sign the BinarySecurityToken using Rampart 1.6.2

[ https://issues.apache.org/jira/browse/RAMPART-411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-411: --- Assignee: Robert Lazarski > Unable to sign the BinarySecurityToken using Rampart 1.

[jira] [Updated] (RAMPART-411) Unable to sign the BinarySecurityToken using Rampart 1.6.2

[ https://issues.apache.org/jira/browse/RAMPART-411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-411: Fix Version/s: 2.0.0 > Unable to sign the BinarySecurityToken using Rampart 1.6.2 > --

[jira] [Updated] (RAMPART-431) org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: http://www.w3.org/2005/08/addressing

[ https://issues.apache.org/jira/browse/RAMPART-431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-431: Fix Version/s: 2.0.0 > org.apache.ws.security.WSSecurityException: General security error

[jira] [Assigned] (RAMPART-431) org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: http://www.w3.org/2005/08/addressin

[ https://issues.apache.org/jira/browse/RAMPART-431?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-431: --- Assignee: Robert Lazarski > org.apache.ws.security.WSSecurityException: General sec

[jira] [Assigned] (RAMPART-448) NullPointerException in RampartUtil.setKeyIdentifierType() when signing response

[ https://issues.apache.org/jira/browse/RAMPART-448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-448: --- Assignee: Robert Lazarski > NullPointerException in RampartUtil.setKeyIdentifierTyp

[jira] [Updated] (RAMPART-448) NullPointerException in RampartUtil.setKeyIdentifierType() when signing response

[ https://issues.apache.org/jira/browse/RAMPART-448?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-448: Fix Version/s: 1.8.0 > NullPointerException in RampartUtil.setKeyIdentifierType() when sig

[jira] [Resolved] (RAMPART-424) not found documentacion rampart 1.3

[ https://issues.apache.org/jira/browse/RAMPART-424?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-424. - Resolution: Won't Fix The Axis project a while back stopped doing a separate zip for the

[jira] [Assigned] (RAMPART-234) Allow custom https listeners to populate the client certificate chain in the message context

[ https://issues.apache.org/jira/browse/RAMPART-234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-234: --- Assignee: Robert Lazarski > Allow custom https listeners to populate the client cer

[jira] [Updated] (RAMPART-252) The way referncelist processing of SAML issued tokens doesn't work properly and algorithm validation required in PolicyBasedResultsValidator

[ https://issues.apache.org/jira/browse/RAMPART-252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-252: Fix Version/s: 2.0.0 > The way referncelist processing of SAML issued tokens doesn't work

[jira] [Assigned] (RAMPART-421) Handling of WS-Policy is not working properly

[ https://issues.apache.org/jira/browse/RAMPART-421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-421: --- Assignee: Robert Lazarski > Handling of WS-Policy is not working properly > --

[jira] [Assigned] (RAMPART-420) Allow WS-Security timestamps to be spoofed and BSP checking disabled

[ https://issues.apache.org/jira/browse/RAMPART-420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-420: --- Assignee: Robert Lazarski > Allow WS-Security timestamps to be spoofed and BSP chec

[jira] [Updated] (RAMPART-397) Custom STS cannot load custom issuer

[ https://issues.apache.org/jira/browse/RAMPART-397?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-397: Fix Version/s: 2.0.0 > Custom STS cannot load custom issuer >

[jira] [Updated] (RAMPART-402) PolicyBasedResultsValidator does not correctly check signed parts

[ https://issues.apache.org/jira/browse/RAMPART-402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-402: Fix Version/s: 1.8.0 > PolicyBasedResultsValidator does not correctly check signed parts >

[jira] [Updated] (RAMPART-369) Rampart project need a DOAP file.

[ https://issues.apache.org/jira/browse/RAMPART-369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-369: Fix Version/s: 1.8.0 > Rampart project need a DOAP file. > --

[jira] [Updated] (RAMPART-362) Inter-operable issue with verifying signature and decrypting message with KeyInfo element when SAML token is used as protected token with WCF client

[ https://issues.apache.org/jira/browse/RAMPART-362?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-362: Fix Version/s: 1.8.0 > Inter-operable issue with verifying signature and decrypting messag

[jira] [Updated] (RAMPART-349) In SAML2 token, subject's NameID is not attached to the subject when HOK SC is used with key type:SymmetricKey

[ https://issues.apache.org/jira/browse/RAMPART-349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-349: Fix Version/s: 1.8.0 > In SAML2 token, subject's NameID is not attached to the subject whe

[jira] [Updated] (RAMPART-337) Possible memory leak in the STS implmentation due to the exisitng mechanism of storing tokens.

[ https://issues.apache.org/jira/browse/RAMPART-337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-337: Fix Version/s: 2.0.0 > Possible memory leak in the STS implmentation due to the exisitng m

[jira] [Assigned] (RAMPART-349) In SAML2 token, subject's NameID is not attached to the subject when HOK SC is used with key type:SymmetricKey

[ https://issues.apache.org/jira/browse/RAMPART-349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-349: --- Assignee: Robert Lazarski > In SAML2 token, subject's NameID is not attached to the

[jira] [Assigned] (RAMPART-335) X509V3 KeyIdentifier cannot be set dynmaically

[ https://issues.apache.org/jira/browse/RAMPART-335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-335: --- Assignee: Robert Lazarski > X509V3 KeyIdentifier cannot be set dynmaically > --

[jira] [Updated] (RAMPART-335) X509V3 KeyIdentifier cannot be set dynmaically

[ https://issues.apache.org/jira/browse/RAMPART-335?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-335: Fix Version/s: 1.8.0 > X509V3 KeyIdentifier cannot be set dynmaically > --

[jira] [Updated] (RAMPART-330) Interop with WSIT: SignatureConfirmation header must be encrypted when is specified

[ https://issues.apache.org/jira/browse/RAMPART-330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-330: Fix Version/s: 2.0.0 > Interop with WSIT: SignatureConfirmation header must be encrypted w

[jira] [Assigned] (RAMPART-330) Interop with WSIT: SignatureConfirmation header must be encrypted when is specified

[ https://issues.apache.org/jira/browse/RAMPART-330?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-330: --- Assignee: Robert Lazarski > Interop with WSIT: SignatureConfirmation header must be

[jira] [Assigned] (RAMPART-329) Interoperability with WSIT problem: RampartException: Error in adding token into store

[ https://issues.apache.org/jira/browse/RAMPART-329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-329: --- Assignee: Robert Lazarski > Interoperability with WSIT problem: RampartException: E

[jira] [Assigned] (RAMPART-362) Inter-operable issue with verifying signature and decrypting message with KeyInfo element when SAML token is used as protected token with WCF client

[ https://issues.apache.org/jira/browse/RAMPART-362?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-362: --- Assignee: Robert Lazarski > Inter-operable issue with verifying signature and decry

[jira] [Updated] (RAMPART-329) Interoperability with WSIT problem: RampartException: Error in adding token into store

[ https://issues.apache.org/jira/browse/RAMPART-329?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-329: Fix Version/s: 2.0.0 > Interoperability with WSIT problem: RampartException: Error in addi

[jira] [Resolved] (RAMPART-391) Add ability to set the wsiBspCompliant property in WSSConfig

[ https://issues.apache.org/jira/browse/RAMPART-391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-391. - Resolution: Fixed In the upcoming 1.8.0 release you can set disableBSPEnforcement on the

[jira] [Updated] (RAMPART-388) NPE in RampartUtil#setKeyIdentifierType (line #1389) wss (web service security options assertion) is null.

[ https://issues.apache.org/jira/browse/RAMPART-388?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-388: Fix Version/s: 1.8.0 > NPE in RampartUtil#setKeyIdentifierType (line #1389) wss (web servi

[jira] [Resolved] (RAMPART-388) NPE in RampartUtil#setKeyIdentifierType (line #1389) wss (web service security options assertion) is null.

[ https://issues.apache.org/jira/browse/RAMPART-388?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski resolved RAMPART-388. - Resolution: Fixed > NPE in RampartUtil#setKeyIdentifierType (line #1389) wss (web servic

[jira] [Assigned] (RAMPART-402) PolicyBasedResultsValidator does not correctly check signed parts

[ https://issues.apache.org/jira/browse/RAMPART-402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-402: --- Assignee: Robert Lazarski > PolicyBasedResultsValidator does not correctly check si

[jira] [Assigned] (RAMPART-371) Namespace 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702' is unsupported by generated client

[ https://issues.apache.org/jira/browse/RAMPART-371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-371: --- Assignee: Robert Lazarski > Namespace 'http://docs.oasis-open.org/ws-sx/ws-security

[jira] [Updated] (RAMPART-371) Namespace 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702' is unsupported by generated client

[ https://issues.apache.org/jira/browse/RAMPART-371?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-371: Fix Version/s: 2.0.0 > Namespace 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/20070

[jira] [Updated] (RAMPART-419) WS Security header is not being serialized when header element is not instance of "org.apache.axiom.soap.SOAPHeader"

[ https://issues.apache.org/jira/browse/RAMPART-419?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-419: Fix Version/s: 2.0.0 > WS Security header is not being serialized when header element is n

[jira] [Assigned] (RAMPART-205) Setting WSSConfig properties from RampartConfig

[ https://issues.apache.org/jira/browse/RAMPART-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-205: --- Assignee: Robert Lazarski > Setting WSSConfig properties from RampartConfig > -

[jira] [Updated] (RAMPART-205) Setting WSSConfig properties from RampartConfig

[ https://issues.apache.org/jira/browse/RAMPART-205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-205: Fix Version/s: 1.8.0 > Setting WSSConfig properties from RampartConfig > -

[jira] [Assigned] (RAMPART-252) The way referncelist processing of SAML issued tokens doesn't work properly and algorithm validation required in PolicyBasedResultsValidator

[ https://issues.apache.org/jira/browse/RAMPART-252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-252: --- Assignee: Robert Lazarski > The way referncelist processing of SAML issued tokens d

[jira] [Updated] (RAMPART-396) NullPointerException using STS, Trust and entropy

[ https://issues.apache.org/jira/browse/RAMPART-396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-396: Fix Version/s: 1.8.0 > NullPointerException using STS, Trust and entropy > ---

[jira] [Assigned] (RAMPART-396) NullPointerException using STS, Trust and entropy

[ https://issues.apache.org/jira/browse/RAMPART-396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski reassigned RAMPART-396: --- Assignee: Robert Lazarski > NullPointerException using STS, Trust and entropy > ---

[jira] [Updated] (RAMPART-421) Handling of WS-Policy is not working properly

[ https://issues.apache.org/jira/browse/RAMPART-421?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-421: Fix Version/s: 2.0.0 > Handling of WS-Policy is not working properly > --

[jira] [Updated] (RAMPART-420) Allow WS-Security timestamps to be spoofed and BSP checking disabled

[ https://issues.apache.org/jira/browse/RAMPART-420?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-420: Fix Version/s: 1.8.0 > Allow WS-Security timestamps to be spoofed and BSP checking disable

[jira] [Updated] (RAMPART-234) Allow custom https listeners to populate the client certificate chain in the message context

[ https://issues.apache.org/jira/browse/RAMPART-234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robert Lazarski updated RAMPART-234: Fix Version/s: 1.8.0 > Allow custom https listeners to populate the client certificate cha