axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Amila Jayasekara (JIRA)" <>
Subject [jira] Updated: (RAMPART-299) Rampart ignores BootstrapPolicy settings in message exchange with WS-SecureConversation STS
Date Sun, 06 Feb 2011 06:38:30 GMT


Amila Jayasekara updated RAMPART-299:

    Attachment: RAMPART-299.diff

I am attaching a patch to fix this issue. 
The fix includes following,
The secure conversation, ws-trust, ws-addressing versions are selected based on the security
policy version. 

I also added few integration test cases which are based on new security policy version.


> Rampart ignores BootstrapPolicy settings in message exchange with WS-SecureConversation
> -------------------------------------------------------------------------------------------
>                 Key: RAMPART-299
>                 URL:
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-trust
>    Affects Versions: 1.5
>            Reporter: Dennis Sosnoski
>         Attachments: RAMPART-299.diff
> I'm running some WS-SecureConversation tests with Axis2 1.5.1 and Rampart 1.5, and saw
that Rampart is using the namespace and actions
for the request to the STS, along with the
WS-Addressing and WS-SecureConversation versions.
How can I set Rampart to use the newer versions of these standards?
> I'm using WS-SecurityPolicy 1.2, and have <sp:Trust13> and <wsap:UsingAddressing
xmlns=""/> tokens included in the policy, so Rampart appears
to be ignoring the policy and just going with defaults for the request. I've also tried *not*
specifying <wsap:UsingAddressing>, and Rampart still adds addressing headers in that
> I did see that there's some logic in RampartMessageData to set namespace versions from
properties in the message context, but that logic appears flawed (lines 168-178):
>            //Extract known properties from the msgCtx
>                      if(msgCtx.getProperty(KEY_WST_VERSION) != null) {
>                this.wstVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WST_VERSION));
>            }
>                      if(msgCtx.getProperty(KEY_WSSC_VERSION) != null) {
>                this.secConvVersion = TrustUtil.getWSTVersion((String)msgCtx.getProperty(KEY_WSSC_VERSION));
>            }
> Note that this is calling TrustUtil.getWSTVersion() for both the WS-Trust and the WS-SecureConversation
version, so you'd have to use the WS-Trust namespaces as values of the wscVersion property
in order for this to work. Worse, though, is that it looks like the options set on the original
Client are not passed in to the STSClient used by Rampart for the STS request, so I don't
see any way of setting the properties for the STSClient from my application code.

This message is automatically generated by JIRA.
For more information on JIRA, see:


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message