Details

      Description

      Hello,
      When you want to sign the BinarySecurityToken with Wss4jSecurityInterceptor, in a previous version of spring 2.0.x and wss4j (1.5.x), you only had to add a special keyword Token in the signatureParts. Since spring-ws 2.1.x relies on wss4j 1.6.x, this keyword was removed from wss4j and the signature processing failed => Token element not found in the DOM. The current doc makes a reference to the old special keyword. Nowadays, it's impossible to sign the BST. When using STRTransform, we don't sign the BST but just a reference, that's not really the same issue and the signature validation fails on server.

      if you have a replacement procedure in order to sign the BST, i will take it quickly.

      Best regards

        Activity

        Hide
        arjen.poutsma Arjen Poutsma added a comment -

        Fixed by removing the paragraph from the documentation.

        Show
        arjen.poutsma Arjen Poutsma added a comment - Fixed by removing the paragraph from the documentation.

          People

          • Assignee:
            arjen.poutsma Arjen Poutsma
            Reporter:
            stephane.cizeron stephane cizeron
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: