[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (EBXMLMSG-97) 7.11.2 X.509 tokens in Pull requests targeted to default role
Pim van der Eijk created EBXMLMSG-97: ---------------------------------------- Summary: 7.11.2 X.509 tokens in Pull requests targeted to default role Key: EBXMLMSG-97 URL: https://issues.oasis-open.org/browse/EBXMLMSG-97 Project: OASIS ebXML Messaging Services TC Issue Type: Bug Components: Core Spec Reporter: Pim van der Eijk When sending a UserMessage, the following parameter configures the use of X.509 or Username tokens on that message: PMode[1].Security.X509.* PMode[1].Security.UsernameToken.* This applies to the user message. So if the user message is pulled, it applies to the pulled user message, not to the pull request. Section 7.10 describes that Pull requests can be authorized using a secondary WS-Security header targeting the "ebms" role. This is configured using the following parameters: PMode.Initiator.Authorization.* This option is supported in AS4 (section 2.1.1) ebHandler as Authorization option 1. Section 7.11.2 states that PullRequests can also be secured using WS-Security tokens targeting the default "role". Section 7.10 actually has an example that contains two WS-Security headers, targeting different roles. AS4 ebHandler refers to this as Authorization Option 2. In the Core Specification it is not clear how this header is configured. See the next separate issue on AS4 and securing pull requests. -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]