synapse-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Asankha C. Perera (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (SYNAPSE-422) Axis2FlexibleMEPClient removal of addressing headers should be configurable
Date Tue, 24 Mar 2009 06:35:50 GMT

     [ https://issues.apache.org/jira/browse/SYNAPSE-422?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Asankha C. Perera resolved SYNAPSE-422.
---------------------------------------

       Resolution: Fixed
    Fix Version/s: 1.3
         Assignee: Asankha C. Perera

Gary, could you verify if the latest nightly build will solve this? Basically the fix was
to not remove the existing addressing headers, if the endpoint does not turn on addressing
at the ESB

http://hudson.zones.apache.org/hudson/job/Synapse%20-%20Trunk/lastSuccessfulBuild/org.apache.synapse$synapse-distribution/artifact/org.apache.synapse/synapse-distribution/SNAPSHOT/synapse-SNAPSHOT-bin.zip

> Axis2FlexibleMEPClient removal of addressing headers should be configurable
> ---------------------------------------------------------------------------
>
>                 Key: SYNAPSE-422
>                 URL: https://issues.apache.org/jira/browse/SYNAPSE-422
>             Project: Synapse
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 1.1.1, 1.2
>         Environment: Windows XP Professional.  Synapse 1.1.1  and 1.2   proxy mode and
mediation mode
>            Reporter: Gary Snider
>            Assignee: Asankha C. Perera
>            Priority: Critical
>             Fix For: 1.3
>
>
> I've tried using synapse in proxy mode as well as non-proxy mode but here is the scenario
and why removing the headers is wrong for what we're doing:
> 1) A WS-Security message comes in to synapse (with wsa:MessageID signed & referenced
in the digital signature )
> 2) Synapse Axis2FlexibleMEPClient removes the wsa:MessageID in the original message 
(Axis2FlexibleMEPClient.removeAddressingHeaders)
> 3) The endpoint gets the 'forwarded' request and it fails ws-security validation because
the wsa:MessageID which is referenced in the digital signature has been removed.
> The removal of addressing headers needs to be configurable since some implementations
might rely on the original wsa:messageID to be there.  In our case it is part of a digital
signature.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@synapse.apache.org
For additional commands, e-mail: dev-help@synapse.apache.org


Mime
View raw message