Closed JiriOndrusek closed 3 months ago
@ppalaga WDYT ^ (second solution)
The number of tests failing in FIPS is quite small (only 5 tests are failing). It would be perhaps clearer if those 5 methods would be handled in the same way as CustomEncryptSignPolicyTest to change assertions in case a FIPS machine is present.
Yeah, what you say makes a lot of sense. Sorry for my suggestions in the other direction. I thought it was much more tests to handle. Would you please implement that?
Yeah, what you say makes a lot of sense. Sorry for my suggestions in the other direction. I thought it was much more tests to handle. Would you please implement that?
I started working on the change, but I found a weird behavior witch originates in cxf (I think). I reported the bug as https://issues.apache.org/jira/browse/CXF-8986
I pinged @ffang in the cxf issue. I will finish this PR after confirmation whether the behavior is a bug or a feature.
Superseded by https://github.com/quarkiverse/quarkus-cxf/pull/1297
fixes https://github.com/quarkiverse/quarkus-cxf/issues/1285
TransportPolicyTest
moved fromws-security-policy
tows-security-policy-fips
.CustomEncryptSignPolicyTest
was modified to be able to detect FIPS machine and change assertions accordingly.EncryptSignPolicyIT
.This solution duplicates several java classes:
HelloService
HelloServiceImpl
BeanProducers
PolicyTestUtils
I can imagine a different solution avoiding duplicities:
CustomEncryptSignPolicyTest
to change assertions in case a FIPS machine is present.This second solution would:
ws-security-policy
would be required anymore.