You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "massimiliano.masi@gmail.com" <ma...@gmail.com> on 2012/07/02 13:55:18 UTC
SecurityTokenReference and SAML HoK NPE
Hi All,
I have a wsse:Header like
Timestamp
Saml2 Assertion (without Subject Confirmation Data)
ds:Signature with wsse:SecurityTokenReference the SAML2 ID, signing the
timestamp.
It's basically a ws-securitypolicy layout.
When validating the signature, I have troubles. If both Callback and
subject confirmation data is
null, I have an NPE in SAMLUtil line 264 (version 1.6.6)
Element sub = subjConfData.getDOM();
which is null.
--
Massimiliano Masi
http://www.mascanc.net/~max
Re: SecurityTokenReference and SAML HoK NPE
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi,
Just to check - are you raising a bug, or just the fact that it should
handle the exception properly? Could you attach the stacktrace + failing
message?
Colm.
On Mon, Jul 2, 2012 at 12:55 PM, massimiliano.masi@gmail.com <
massimiliano.masi@gmail.com> wrote:
> Hi All,
>
> I have a wsse:Header like
>
> Timestamp
> Saml2 Assertion (without Subject Confirmation Data)
> ds:Signature with wsse:SecurityTokenReference the SAML2 ID, signing the
> timestamp.
>
> It's basically a ws-securitypolicy layout.
>
> When validating the signature, I have troubles. If both Callback and
> subject confirmation data is
> null, I have an NPE in SAMLUtil line 264 (version 1.6.6)
>
> Element sub = subjConfData.getDOM();
>
> which is null.
>
> --
> Massimiliano Masi
>
> http://www.mascanc.net/~max
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com