[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (EBXMLMSG-97) 7.11.2 X.509 tokens in Pull requests targeted to default role
Pim van der Eijk created EBXMLMSG-97:
----------------------------------------
Summary: 7.11.2 X.509 tokens in Pull requests targeted to default role
Key: EBXMLMSG-97
URL: https://issues.oasis-open.org/browse/EBXMLMSG-97
Project: OASIS ebXML Messaging Services TC
Issue Type: Bug
Components: Core Spec
Reporter: Pim van der Eijk
When sending a UserMessage, the following parameter configures the use of X.509 or Username tokens on that message:
PMode[1].Security.X509.*
PMode[1].Security.UsernameToken.*
This applies to the user message. So if the user message is pulled, it applies to the pulled user message, not to the pull request.
Section 7.10 describes that Pull requests can be authorized using a secondary WS-Security header targeting the "ebms" role. This is configured using the following parameters:
PMode.Initiator.Authorization.*
This option is supported in AS4 (section 2.1.1) ebHandler as Authorization option 1.
Section 7.11.2 states that PullRequests can also be secured using WS-Security tokens targeting the default "role". Section 7.10 actually has an example that contains two WS-Security headers, targeting different roles. AS4 ebHandler refers to this as Authorization Option 2. In the Core Specification it is not clear how this header is configured.
See the next separate issue on AS4 and securing pull requests.
--
This message was sent by Atlassian JIRA
(v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]