Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XWS Security SignatureMethod with algorithm Hmac-sha1 [SWS-952] #1023

Open
gregturn opened this issue Mar 22, 2016 · 0 comments
Open

XWS Security SignatureMethod with algorithm Hmac-sha1 [SWS-952] #1023

gregturn opened this issue Mar 22, 2016 · 0 comments

Comments

@gregturn
Copy link
Member

@gregturn gregturn commented Mar 22, 2016

Wajdi opened SWS-952 and commented

I have created an XWSSecurityInterceptor with a configurationPolicy within a file named policy.xml.

When I put
<xwss:SignatureMethod algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> , then everything went fine and my SOAP message got signed.

But, when I put
<xwss:SignatureMethod algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> then I can see that an EncryptionKeyCallBack was trigged and not a SignatureKeyCallback. And as a result I have a NullPointerException in the SignatureProcessor ( line 408).

I am quiet sure that a policy file with no <Encrypt> that can somehow find an EncryptionKeyCallBack within it's XWSSecurityInterceptor, means that there is a bug.

Can anyone see and help me understand what's going on here?


Affects: 2.2.4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant
You can’t perform that action at this time.