ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcin Markiewicz (JIRA)" <j...@apache.org>
Subject [jira] Commented: (WSS-254) Encryption/signing of multiple message parts with same name not working
Date Thu, 02 Dec 2010 15:26:12 GMT

    [ https://issues.apache.org/jira/browse/WSS-254?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12966143#action_12966143
] 

Marcin Markiewicz commented on WSS-254:
---------------------------------------

I could migrate my project from wss4j 1.5.9 to this 1.6 and I made a quick test with this
fixes - it works!
But other tests are still to be done...

> Encryption/signing of multiple message parts with same name not working
> -----------------------------------------------------------------------
>
>                 Key: WSS-254
>                 URL: https://issues.apache.org/jira/browse/WSS-254
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>    Affects Versions: 1.5.4, 1.5.5, 1.5.6, 1.5.7, 1.5.8, 1.5.9, 1.5.10, 1.6
>         Environment: all. (found out an a windows vista machine with java 1.6)
>            Reporter: Marcin Markiewicz
>            Assignee: Colm O hEigeartaigh
>            Priority: Critical
>         Attachments: patch.txt, WSSecEncrypt.java
>
>
> The current implementation of the class "WSSecEncypt" lookf in the document to encrypt
for elements only by their name and namespace (this are the only informations provided by
the class "WSEncryptionPart"). The search  find the first element with this name and lets
encrypt it. If there are other elements with the same name we wish to encrypt it cannot be
done. But it is needed if one uses lists of elements
> Following example shows the issue:
> <xml...>
> <soapenv:Envelope>
>    <soapenv:Header>
>       <myNS:Header1>
>          <!-- XML data-->
>       </myNS:Header1>
>       <myNS:Header2>
>          <!-- XML data-->
>          <myNS:attachment>
>             <!-- some data we don't wish to encrypt -->
>          <myNS:attachment>
>       </myNS:Header2>
>       ...
>       <myNS:Attachments>
>          <myNS:attachment>
>             <!-- 1. binary data base64 encoded -->
>          </myNS:attachment>
>          <myNS:attachment>
>             <!-- 2. binary data base64 encoded -->
>          </myNS:attachment>
>          <myNS:attachment>
>             <!-- 3. binary data base64 encoded -->
>          </myNS:attachment>
>          ...
>       </myNS:Attachments>
>       ...
>       <myNS:HeaderX>
>          <!-- XML data-->
>       </myNS:HeaderX>
>    </soapenv:Header>
>    <soapenv:Body>
>       <!-- XML data-->
>    </soapenv:Body>
> </soapenv:Envelope>
> if we use the WSEncyrpionPart this way:
> WSEncryptionPart encryptionPart = new WSEncryptionPart("attachment", "myNS-URI", "Content");
> then only the element "Envelope/Header/Header2/attachment" will be encryptet. Thus the
one we don't want to encrypt, but the other ones will not be encrypted.
> To solve this problem a XPath support in WSEncryptionPart and WSSecEncryption is to be
implemented (and maybe more...)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message