JiriOndrusek commented on PR #1660: URL: https://github.com/apache/cxf/pull/1660#issuecomment-1919158378
Hi @ffang , I continued with the work on this feature. Work is almost done, I'm stuck on a following problem: When I try to customize the alg. suite for he stax server, wss4j is validating the runtime usage of algorithms with assertions. Runtime is using customized values, assertion contains the default values. Solution is simple, the assertion has to be customized as well. (I did the same for the non-stax case) Unfortunately I can not find a correct way of changing such parameter. If you look into this line - https://github.com/apache/cxf/blob/1bf24e1193c0decffcc3b34328b1c41a035201fe/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/PolicyBasedWSS4JStaxInInterceptor.java#L436 You can see `operationPolicies`, this variable is containing the assertion values and it seems, that it is the unserialized policy.xml. If I can access the AlgorithSuiteType, I can customize it by one line. Do you have an idea, how to access this reference? I'm adding a screenshot of the first policyComponent from my test `WSSecurity10CustomizedAlgorithmSuiteTest`  -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
