ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David R. Robison" <david.robi...@openroadsconsulting.com>
Subject Re: Proposed patch for nonce missing encoderType
Date Tue, 07 Oct 2014 12:54:01 GMT 
Sorry, I guess I was looking at the WS-Security sepc not the BSP spec. David

David R Robison
Open Roads Consulting, Inc.
103 Watson Road, Chesapeake, VA 23320
phone: +1 757-546-3401
e-mail: david.robison@openroadsconsulting.com
web: http://www.openroadsconsulting.com
blog: http://therobe.blogspot.com
book: http://www.xulonpress.com/bookstore/bookdetail.php?PB_ISBN=9781597816526

On 10/7/2014 4:09 AM, Colm O hEigeartaigh wrote:
>
> That particular piece of code is in a block which enforces Basic 
> Security Profile conformance. In the BSP spec, the EncodingType 
> attribute *must* be present, there is no default to fall back to. If a 
> third party client is not sending an EncodingType attribute, then you 
> will have to disable BSP Compliance on the service to get it to work.
>
> Colm.
>
> On Tue, Oct 7, 2014 at 1:51 AM, David R. Robison 
> <david.robison@openroadsconsulting.com 
> <mailto:david.robison@openroadsconsulting.com>> wrote:
>
>      From the WS-Security spec it appears that the encodingType for the
>     nonce is optional and, if missing, defaults to Base64 encoding. This
>     patch assumes this default if the encodingType is missing.
>     David
>
>     Index:
>     src/main/java/org/apache/ws/security/message/token/UsernameToken.java
>     ===================================================================
>     ---
>     src/main/java/org/apache/ws/security/message/token/UsernameToken.java
>     (revision 1629762)
>     +++
>     src/main/java/org/apache/ws/security/message/token/UsernameToken.java
>     (working copy)
>     @@ -1163,8 +1163,8 @@
>                   Element nonce = nonceElements.get(0);
>                   String encodingType = nonce.getAttributeNS(null,
>     "EncodingType");
>                   // Encoding Type must be equal to Base64Binary
>     -            if (encodingType == null || "".equals(encodingType)
>     -                ||
>     !BinarySecurity.BASE64_ENCODING.equals(encodingType)) {
>     +            if (encodingType == null || "".equals(encodingType))
>     encodingType = BinarySecurity.BASE64_ENCODING;
>     + if(!BinarySecurity.BASE64_ENCODING.equals(encodingType)) {
>                       if (LOG.isDebugEnabled()) {
>                           LOG.debug("The Username Token's nonce
>     element has
>     a bad encoding type");
>                       }
>
>
>
>     --
>
>     David R Robison
>     Open Roads Consulting, Inc.
>     103 Watson Road, Chesapeake, VA 23320
>     phone: +1 757-546-3401
>     e-mail: david.robison@openroadsconsulting.com
>     <mailto:david.robison@openroadsconsulting.com>
>     web: http://www.openroadsconsulting.com
>     blog: http://therobe.blogspot.com
>     book:
>     http://www.xulonpress.com/bookstore/bookdetail.php?PB_ISBN=9781597816526
>
>
>
>     This email communication (including any attachments) may contain
>     confidential and/or privileged material intended solely for the
>     individual or entity to which it is addressed.
>     If you are not the intended recipient, please delete this email
>     immediately.
>
>
>
>
> -- 
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com



This email communication (including any attachments) may contain confidential and/or privileged
material intended solely for the individual or entity to which it is addressed.
If you are not the intended recipient, please delete this email immediately.
Mime
View raw message