search

javaee / metro-wsit

https://javaee.github.io/metro-wsit/
Other
9 stars 24 forks source link

Signature parts verification failing #1688

Open glassfishrobot opened 10 years ago

glassfishrobot commented 10 years ago

Signature verification part is defaulted to soap body. There is no other way to change it by specifying the parts.

In the SecurityRecipient.java, FilterProcessingContext fpContext = new FilterProcessingContext(context); is defaulting to body namespace.

fpContext -> securityPolicy -> _featureBinding -> targets.

There should be an API exposed to hook in the parts with namespaces that need to be verified.

The use case I have : I have a connector protected with signed Timestamp.

Environment

Tomcat 6 , Metro 2.1 , JDK 1.6

Affected Versions

[2.1]

glassfishrobot commented 10 years ago

Reported by kjayashankar

glassfishrobot commented 10 years ago

Was assigned to symonchang

glassfishrobot commented 7 years ago

This issue was imported from java.net JIRA WSIT-1688