[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Commented: (WSBRSP-3) WS-I Test Tool BSP3070 assertion failure on valid absence of an EncodingType attribute
[ http://tools.oasis-open.org/issues/browse/WSBRSP-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=33467#action_33467 ] Gershon Janssen commented on WSBRSP-3: -------------------------------------- Jacques Durand commented: As far as I can it is a test tool bug: the message is compliant as far as R3070 is concerned: it uses a valid SAML token reference (per R6617) and therefore is not required to have an EncodingType attribute. > WS-I Test Tool BSP3070 assertion failure on valid absence of an EncodingType attribute > -------------------------------------------------------------------------------------- > > Key: WSBRSP-3 > URL: http://tools.oasis-open.org/issues/browse/WSBRSP-3 > Project: OASIS Web Services Basic Reliable and Secure Profiles (WS-BRSP) TC > Issue Type: Bug > Reporter: Gershon Janssen > Assignee: Jacques Durand > Priority: Minor > > Original message: https://lists.oasis-open.org/archives/ws-brsp-comment/201304/msg00000.html > Issue reported by Jim Ma <ema@redhat.com>. > When I check ws-i bsp compliance of the following soap message[1] with the test tool (download from [2]) , > the analyzed report with BasicSecurityProfile-1.1-TAD always complains BSP3070 assertion failed and a wsse:KeyIndetifier > element does NOT contain a EncodingType attribute (i.e., it is NOT the case that "./self::wsse:KeyIdentifier[@EncodingType]"). > But the BasicSecurityProfile-1.1 says it is not required if it refers to a SAML token : > R3070 Any STR_KEY_IDENTIFIER that refers to a SECURITY_TOKEN other than a SAML_TOKEN MUST specify an EncodingType attribute > Is this a bug in test tool or it doesn't support saml-token-profile-1.1 ? > [1] > <ds:KeyInfo Id="KI-BCF3790C6A856CAB8013662645516286"> > <ns4:SecurityTokenReference xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" > xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" > wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"> > <ns4:KeyIdentifier > ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">_3DF61F55AC044E478A13662645512771</ns4:KeyIdentifier> > </ns4:SecurityTokenReference> > </ds:KeyInfo> > [2]http://www.ws-i.org/Testing/Tools/Attach_17_WSI_Test_Java_WGD_BSP_1.1.zip -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]