Skip to content
This repository was archived by the owner on Jan 30, 2019. It is now read-only.
This repository was archived by the owner on Jan 30, 2019. It is now read-only.

Signature parts verification failing #1688

Open
Open
Signature parts verification failing#1688
Assignees
glassfishrobot
Labels
Component: securityERR: AssigneePriority: MajorType: Bug

Description

@glassfishrobot
glassfishrobot
opened on Jul 17, 2014

Signature verification part is defaulted to soap body. There is no other way to change it by specifying the parts.

In the SecurityRecipient.java, FilterProcessingContext fpContext = new FilterProcessingContext(context); is defaulting to body namespace.

fpContext -> securityPolicy -> _featureBinding -> targets.

There should be an API exposed to hook in the parts with namespaces that need to be verified.

The use case I have :
I have a connector protected with signed Timestamp.

Environment

Tomcat 6 , Metro 2.1 , JDK 1.6

Affected Versions

[2.1]

Metadata

Metadata

Assignees

Labels

Component: securityERR: AssigneePriority: MajorType: Bug

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions