ws-dev mailing list archives

From "Colm O hEigeartaigh (JIRA)" <>
Subject [jira] [Resolved] (WSS-457) Incorrect validation of ProtectTokens assertion
Date Wed, 10 Jul 2013 10:25:48 GMT


Colm O hEigeartaigh resolved WSS-457.

    Resolution: Fixed
> Incorrect validation of ProtectTokens assertion
> -----------------------------------------------
>                 Key: WSS-457
>                 URL:
>             Project: WSS4J
>          Issue Type: Bug
>            Reporter: Colm O hEigeartaigh
>            Assignee: Marc Giger
>             Fix For: 2.0
> The streaming code doesn't validate the ProtectTokens assertion properly in the case of a SymmetricBinding. The scenario is that the Signature should reference (sign) the EncryptedKey, and also reference it in the signing KeyInfo. However, the streaming code complains with:
> Original Exception was org.apache.wss4j.policy.stax.PolicyViolationException: Token /{}Envelope/{}Header/{}Security/{}BinarySecurityToken must be signed by its signature.
> However, the BinarySecurityToken in question is the certificate used to encrypt the symmetric key, and not the signing credential.
