[wsf-c-dev] [jira] Created: (WSFC-122) When the policy specifies
only to sign the header, it signs the body as well
Evanthika Amarasiri (JIRA)
jira at wso2.org
Thu Sep 6 02:03:48 PDT 2007
When the policy specifies only to sign the header, it signs the body as well
----------------------------------------------------------------------------
Key: WSFC-122
URL: http://www.wso2.org/jira/browse/WSFC-122
Project: WSO2 WSF/C
Issue Type: Bug
Components: Apache Rampart/C (Security)
Affects Versions: 1.1.0
Environment: Windows XP, sqlite-source-3_3_8, libcurl-7.15.1-msvc-win32-ssl-0.9.8a-zlib-1.2.3
Reporter: Evanthika Amarasiri
Assigned To: Manjula Peiris
1. Commented out the <body/> tag under <sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> in both client and sever side policies as below
*******************************************************************************************************************
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<!--sp:Body/-->
<sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
*******************************************************************************************************************
2. When monitored through TCPMon, realized that the body is signed along with the header even though the option is commented out
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://www.wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Wsf-c-dev
mailing list