[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] Commented: (WSBRSP-3) WS-I Test Tool BSP3070 assertion failure on valid absence of an EncodingType attribute
[ http://tools.oasis-open.org/issues/browse/WSBRSP-3?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=33467#action_33467 ]
Gershon Janssen commented on WSBRSP-3:
--------------------------------------
Jacques Durand commented:
As far as I can it is a test tool bug: the message is compliant as far as R3070 is concerned: it uses a valid SAML token reference (per R6617) and therefore is not required to have an EncodingType attribute.
> WS-I Test Tool BSP3070 assertion failure on valid absence of an EncodingType attribute
> --------------------------------------------------------------------------------------
>
> Key: WSBRSP-3
> URL: http://tools.oasis-open.org/issues/browse/WSBRSP-3
> Project: OASIS Web Services Basic Reliable and Secure Profiles (WS-BRSP) TC
> Issue Type: Bug
> Reporter: Gershon Janssen
> Assignee: Jacques Durand
> Priority: Minor
>
> Original message: https://lists.oasis-open.org/archives/ws-brsp-comment/201304/msg00000.html
> Issue reported by Jim Ma <ema@redhat.com>.
> When I check ws-i bsp compliance of the following soap message[1] with the test tool (download from [2]) ,
> the analyzed report with BasicSecurityProfile-1.1-TAD always complains BSP3070 assertion failed and a wsse:KeyIndetifier
> element does NOT contain a EncodingType attribute (i.e., it is NOT the case that "./self::wsse:KeyIdentifier[@EncodingType]").
> But the BasicSecurityProfile-1.1 says it is not required if it refers to a SAML token :
> R3070 Any STR_KEY_IDENTIFIER that refers to a SECURITY_TOKEN other than a SAML_TOKEN MUST specify an EncodingType attribute
> Is this a bug in test tool or it doesn't support saml-token-profile-1.1 ?
> [1]
> <ds:KeyInfo Id="KI-BCF3790C6A856CAB8013662645516286">
> <ns4:SecurityTokenReference xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
> wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0";>
> <ns4:KeyIdentifier
> ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID";>_3DF61F55AC044E478A13662645512771</ns4:KeyIdentifier>
> </ns4:SecurityTokenReference>
> </ds:KeyInfo>
> [2]http://www.ws-i.org/Testing/Tools/Attach_17_WSI_Test_Java_WGD_BSP_1.1.zip
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]