Bug 2907 - Secure Conversation (Encryption) does not provide any message level security for the SOAP headers
: Secure Conversation (Encryption) does not provide any message level security ...
Status: ASSIGNED
: Java WS Security
Authentication
: unspecified
: PC Linux
: P3 major
: 4.0.1
Assigned To:
:
:
:
:
  Show dependency treegraph
 
Reported: 2005-03-08 17:39 by
Modified: 2005-08-31 09:19 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2005-03-08 17:39:36
When Secure Conversation Encryption is enabled for a service/resource
invocation, the headers of the SOAP messages is not signed or encrypted.
So, there is no confidentiality or integrity provided for the headers.