ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stéphane CIZERON (JIRA) <>
Subject [jira] [Created] (WSS-473) BST signature element
Date Thu, 25 Jul 2013 15:05:58 GMT
Stéphane CIZERON created WSS-473:

             Summary: BST signature element
                 Key: WSS-473
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Core
    Affects Versions: 1.6.11
            Reporter: Stéphane CIZERON
            Assignee: Colm O hEigeartaigh
             Fix For: 1.6.12

In the 1.5.x versions, when we wanted to sign the BST, we used a special keyword 'Token' and
the signed element was the BST. 

In 1.6.x, the Token keyword doesn' t exist anymore,  When the Token is used, a general security
error is raised (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found:,

If we use STRTransform, the validation fails because the signed element is the SecurityTokenReference
and not the BST.

if we use  {}{}BinarySecurityToken
as WSEncryptionPart, we have the same general error => element not found. I check the,
the BST is appended at the end whereas if it was appened just after the prepare method (line
70), the last issue is OK.

I tested it and it works, the validation BST signature is OK.

            wsSign.prepare(doc, reqData.getSigCrypto(), reqData.getSecHeader());

Could you tell me first if it's a correct workaround? 
And in the second time, if the correction could be packaged in the 1.6.12 quickly ?

Best regards

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message