[jira] [Commented] (CXF-6464) The derived key versions of sign/encrypt in SymmetricBindingHandler don't support attachments

Tue, 16 Jun 2015 05:39:24 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-6464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14587962#comment-14587962
 ] 

ASF GitHub Bot commented on CXF-6464:
-------------------------------------

GitHub user spark404 opened a pull request:

    https://github.com/apache/cxf/pull/77

    CXF-6464 Add attachment support to derived key sign/encrypt

    This depends on WSS-541 and won't build until that change is merged.
    
    Note the dependency change to wss4j 2.1.2-SNAPSHOT to reflect this.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/spark404/cxf CXF-6464

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cxf/pull/77.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #77
    
----
commit 3ba4284a6d3feb9aa3ce9da950eea13e4c6e6f49
Author: Hugo Trippaers <htrippa...@schubergphilis.com>
Date:   2015-06-16T12:35:31Z

    CXF-6464 Add attachment support to derived key sign/encrypt

----


> The derived key versions of sign/encrypt in SymmetricBindingHandler don't 
> support attachments
> ---------------------------------------------------------------------------------------------
>
>                 Key: CXF-6464
>                 URL: https://issues.apache.org/jira/browse/CXF-6464
>             Project: CXF
>          Issue Type: Bug
>          Components: WS-* Components
>    Affects Versions: 3.1.1
>            Reporter: Hugo Trippaers
>             Fix For: 3.1.2
>
>
> Adding a sp:Attachment policy to the binding policy eventually causes client 
> requests to fail with the following exception.
> Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot setup 
> signature data structure
> Original Exception was org.apache.wss4j.common.ext.WSSecurityException: no 
> attachment callbackhandler supplied
>       at 
> org.apache.wss4j.dom.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:204)
>       at 
> org.apache.wss4j.dom.message.WSSecDKSign.addReferencesToSign(WSSecDKSign.java:189)
>       at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignatureDK(SymmetricBindingHandler.java:732)
>       at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignature(SymmetricBindingHandler.java:757)
>       at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:342)
>       at 
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:126)
>       at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:174)
>       at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:108)
>       at 
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:95)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to