axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boris Dushanov (JIRA)" <j...@apache.org>
Subject [jira] [Created] (RAMPART-426) Rampart has no support for handling 'actor' attribute in the Security header
Date Thu, 16 Apr 2015 11:18:58 GMT
Boris Dushanov created RAMPART-426:
--------------------------------------

             Summary: Rampart has no support for handling 'actor' attribute in the Security
header
                 Key: RAMPART-426
                 URL: https://issues.apache.org/jira/browse/RAMPART-426
             Project: Rampart
          Issue Type: Bug
          Components: rampart-core
    Affects Versions: 1.6.2
            Reporter: Boris Dushanov


According to the WS-Security specification:

"The <wsse:Security> header block provides a mechanism for attaching security-related
information targeted at a specific recipient in the form of a SOAP actor/role."

<wsse:Security S11:actor="..." S11:mustUnderstand="..."/>

Currently, Rampart is far from full support for actor/role.
 - RampartEngine has a bare support, taking the 'actor' attribute from a random Security header.In
addition, in SOAP 1.2, the 'actor' attribute is renamed to 'role', which is not handled by
the RampartEngine.
 - Rampart message builders has no support for actor/role. 
 - Rampart configuration has no support for actor/role also

WSS4J has support for actor/role and such could easily be added in Rampart.Proper configuration
should be added and actor/role values should be propagated to WSS4J.






--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message