[jbossws-issues] [JBoss JIRA] (JBWS-3831) Failure of test org.jboss.test.ws.jaxws.samples.wsse.policy.oasis.WSSecurityPolicyExamples23xTestCase
R Searls (JIRA)
issues at jboss.org
Thu Sep 18 15:23:02 EDT 2014
[ https://issues.jboss.org/browse/JBWS-3831?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13004063#comment-13004063 ]
R Searls commented on JBWS-3831:
--------------------------------
There has been a change in the evaluation of the "bearer" signature checking in
the apache code. jbossws-cxf (5.0.0-SNAPSHOT) uses 2 updated apache archives,
<cxf.version>3.0.2-SNAPSHOT</cxf.version>
<wss4j.version>2.0.2-SNAPSHOT</wss4j.version>
(wss4j code repo: http://svn.apache.org/repos/asf/webservices/wss4j/trunk)
There was a major change in "bearer" signature identification in class, org.apache.wss4j.dom.processor.SAMLTokenProcessor. (log comment:
r1624049 | coheigea | 2014-09-10 12:06:15 -0400 (Wed, 10 Sep 2014) | 1 line
Record SAML Token signed results so that it can be used in SignedElements evaluation.
)
Below is the diff of the most current rev (r1624049) and the prev rev (r1609062)
(Used cmd svn diff -r 1609062 ./ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SAMLTokenProcessor.java
)
Lines starting with (-) is the prev and lines starting with (+) are the current.
There is a significant change starting with "SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(elem);"
@@ -76,8 +80,15 @@
Validator validator =
data.getValidator(new QName(elem.getNamespaceURI(), elem.getLocalName()));
- Credential credential = handleSAMLToken(elem, data, validator, wsDocInfo);
- SamlAssertionWrapper samlAssertion = credential.getSamlAssertion();
+
+ SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(elem);
+ XMLSignature xmlSignature =
+ verifySignatureKeysAndAlgorithms(samlAssertion, data, wsDocInfo);
+ List<WSDataRef> dataRefs = createDataRefs(elem, samlAssertion, xmlSignature);
+
+ Credential credential =
+ handleSAMLToken(samlAssertion, data, validator, wsDocInfo);
+ samlAssertion = credential.getSamlAssertion();
if (LOG.isDebugEnabled()) {
:
:
For these 2 "bearer" tests no signature is found in the message.
Evaluation is continuing to determine why this is true and how to resolve it.
> Failure of test org.jboss.test.ws.jaxws.samples.wsse.policy.oasis.WSSecurityPolicyExamples23xTestCase
> -----------------------------------------------------------------------------------------------------
>
> Key: JBWS-3831
> URL: https://issues.jboss.org/browse/JBWS-3831
> Project: JBoss Web Services
> Issue Type: Bug
> Components: jbossws-cxf
> Reporter: R Searls
> Assignee: R Searls
>
> This test failure started with the switch to jbossws-cxf (5.0.0-SNAPSHOT).
> Only tests test2311 and test2321 in org.jboss.test.ws.jaxws.samples.wsse.policy.oasis.WSSecurityPolicyExamples23xTestCase are failing.
> ---
> test2321(org.jboss.test.ws.jaxws.samples.wsse.policy.oasis.WSSecurityPolicyExamples23xTestCase):
> An error was discovered processing the <wsse:Security> header.
> test2311(org.jboss.test.ws.jaxws.samples.wsse.policy.oasis.WSSecurityPolicyExamples23xTestCase):
> SAML token security failure
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jbossws-issues
mailing list