4584 2006-07-12 10:48 security descriptor uses operation field name instead of QName 2008-01-18 16:06:44 1 1 1 Unclassified Java WS Security Authentication unspecified PC Linux RESOLVED FIXED P1 normal 4.2.0 1 lane@mcs.anl.gov ranantha@mcs.anl.gov jwscore-dev@globus.org lane@mcs.anl.gov 2006-07-12 10:48:27 The security descriptor uses the operation field name (ElementDesc.fieldName) instead of the full QName in the name attribute of the method element under methodAuthentication. This causes confusion when the operation definition in the WSDL specifies an operation name with a begining capital letter. The field name is de-capitalized by Axis, so the security descriptor doesn't match the schema. This can cause problems such as gridmap authz not being performed since the operation isn't technically listed in the security descriptor. I think it would be better to use the full QName instead to match what's defined in the schema. ranantha@mcs.anl.gov 2008-01-18 16:06:44 Support for QName of method to specify policy has been added to trunk code. QName or local name can be used for method authentication policy. Documentation has been updated.