Use of key name to select TLS or signing cred for SOAP client breaks trust resolution
Description
Use of a single credential criteria object as input to SOAP client is flawed. As a result of using the same criteria object for resolving both local and peer creds, the use of a keyName to override the signing or TLS key used in a SOAP call causes the lookup by the trust engine during SOAP processing to fail. The local key name gets used as a filter on metadata-derived keys, causing none to be returned.
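The failure described above, reduced to a small model. This is an added example, not the project's code: the types, function names, key names and entity ID are hypothetical and the data is constructed. Using a separate criteria object for the peer lookup is shown as one way to avoid the problem.

```cpp
#include <cstddef>
#include <iostream>
#include <string>
#include <vector>

// Simplified model: hypothetical types, constructed data.
struct Credential { std::string owner; std::vector<std::string> keyNames; };
struct Criteria   { std::string peer; std::string keyName; };  // empty keyName = no filter
struct Outcome    { bool localFound; std::size_t peerKeys; };

static const std::vector<Credential> kLocal = {
    {"self", {"default"}}, {"self", {"soap-signing"}}};
static const std::vector<Credential> kMetadata = {
    {"https://idp.example.org", {"idp-signing"}}};

// Count credentials in a store that belong to `owner` and pass the key-name filter.
static std::size_t matches(const std::vector<Credential>& store,
                           const std::string& owner, const Criteria& crit) {
    std::size_t n = 0;
    for (const auto& c : store) {
        if (c.owner != owner) continue;
        bool nameOk = crit.keyName.empty();
        for (const auto& k : c.keyNames) nameOk = nameOk || (k == crit.keyName);
        if (nameOk) ++n;
    }
    return n;
}

// Flawed: one criteria object serves both lookups, so the local key name
// also filters the metadata-derived keys handed to the trust engine.
Outcome sharedCriteria(const std::string& peer, const std::string& localKey) {
    Criteria crit{peer, localKey};
    return {matches(kLocal, "self", crit) > 0, matches(kMetadata, crit.peer, crit)};
}

// Separated: the key-name override stays on the local criteria only.
Outcome separateCriteria(const std::string& peer, const std::string& localKey) {
    Criteria local{"", localKey};
    Criteria peerOnly{peer, ""};
    return {matches(kLocal, "self", local) > 0, matches(kMetadata, peerOnly.peer, peerOnly)};
}

int main() {
    Outcome a = sharedCriteria("https://idp.example.org", "soap-signing");
    Outcome b = separateCriteria("https://idp.example.org", "soap-signing");
    std::cout << "shared:   local=" << a.localFound << " peerKeys=" << a.peerKeys << "\n"
              << "separate: local=" << b.localFound << " peerKeys=" << b.peerKeys << "\n";
}
```

In both cases the local credential is found; only the shared criteria object leaves the trust engine with no peer keys to evaluate.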