[jbossws-issues] [JBoss JIRA] Updated: (JBWS-2978) WSA implementation does not check mismatch between soap action and wsa action
Jim Ma (JIRA)
jira-events at lists.jboss.org
Tue Mar 30 01:27:38 EDT 2010
[ https://jira.jboss.org/jira/browse/JBWS-2978?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jim Ma updated JBWS-2978:
-------------------------
Summary: WSA implementation does not check mismatch between soap action and wsa action (was: WSA implementation does not chcek mismatch between soap action and wsa action)
> WSA implementation does not check mismatch between soap action and wsa action
> -----------------------------------------------------------------------------
>
> Key: JBWS-2978
> URL: https://jira.jboss.org/jira/browse/JBWS-2978
> Project: JBoss Web Services
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: jbossws-native
> Affects Versions: jbossws-native-3.3.0.CR1
> Reporter: Jim Ma
> Assignee: Jim Ma
> Fix For: jbossws-native-3.3.0
>
>
> Web Services Addressing SOAP Binding spec section 4.2 :
> "Use of the SOAPAction HTTP request header field is required when using the SOAP 1.1 HTTP binding. The field-value of the SOAPAction HTTP request header MUST either be the value of the [action] property enclosed in quotation marks, or the empty value "". The latter case supports the ability to obscure the [action] property through SOAP-level security mechanisms, without requiring otherwise unnecessary transport-level security. Any other value for SOAPAction results in an Invalid Message Addressing Property fault."
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jbossws-issues
mailing list