You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Rasmus Rhein Helwigh (JIRA)" <ji...@apache.org> on 2008/04/22 15:26:23 UTC
[jira] Updated: (RAMPART-154)
org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse
fails if SamlAssertion is issued.
[ https://issues.apache.org/jira/browse/RAMPART-154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rasmus Rhein Helwigh updated RAMPART-154:
-----------------------------------------
Attachment: patch.txt
I've attatched the patch. I don't know if it's in the correct format. Please let med know if there's any problems.
> org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.
> ---------------------------------------------------------------------------------------------------------
>
> Key: RAMPART-154
> URL: https://issues.apache.org/jira/browse/RAMPART-154
> Project: Rampart
> Issue Type: Bug
> Components: rampart-policy
> Environment: Latest Rampart and Wss4j on a windows platform.
> Reporter: Rasmus Rhein Helwigh
> Assignee: Ruchith Udayanga Fernando
> Attachments: patch.txt
>
>
> the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute.
> One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
> The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
> private String findIdentifier(OMElement reqAttRef,
> OMElement reqUnattRef,
> OMElement token) {
> String id;
> if (reqAttRef != null) {
> //First try the attached ref
> id = this.getIdFromSTR(reqAttRef);
> } else if (reqUnattRef != null) {
> //then try the unattached ref
> id = this.getIdFromSTR(reqUnattRef);
> } else {
> //Return wsu:Id of the token element
> id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
> if ( id == null )
> {
> id = token.getAttributeValue(new QName( "AssertionID"));
> }
> }
>
> return id;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.