You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Rasmus Rhein Helwigh (JIRA)" <ji...@apache.org> on 2008/04/22 15:26:23 UTC

[jira] Updated: (RAMPART-154) org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.

     [ https://issues.apache.org/jira/browse/RAMPART-154?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rasmus Rhein Helwigh updated RAMPART-154:
-----------------------------------------

    Attachment: patch.txt

I've attatched the patch. I don't know if it's in the correct format. Please let med know if there's any problems.

> org.apache.rahas.client.STSClient.org.apache.rahas.processIssueResponse fails if SamlAssertion is issued.
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: RAMPART-154
>                 URL: https://issues.apache.org/jira/browse/RAMPART-154
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-policy
>         Environment: Latest Rampart and Wss4j on a windows platform.
>            Reporter: Rasmus Rhein Helwigh
>            Assignee: Ruchith Udayanga Fernando
>         Attachments: patch.txt
>
>
> the method processIssueResponse throws a trustexception if findIdentifier returns null. This is a problem since SAML Assertions don't has a AssertionID attribute instead of an ID attribute. 
> One solution could be to look for the assertionID attribute as well. Another could be to ignore the ID if it isn't found.
> The example below shows a version of findIdentifier that also works with SAML 1.1 Assetions
> private String findIdentifier(OMElement reqAttRef,
>                                   OMElement reqUnattRef,
>                                   OMElement token) {
>         String id;
>         if (reqAttRef != null) {
>             //First try the attached ref
>             id = this.getIdFromSTR(reqAttRef);
>         } else if (reqUnattRef != null) {
>             //then try the unattached ref
>             id = this.getIdFromSTR(reqUnattRef);
>         } else {
>             //Return wsu:Id of the token element
>             id = token.getAttributeValue(new QName(WSConstants.WSU_NS, "Id"));
>             if ( id == null )
>             {
>             	id = token.getAttributeValue(new QName( "AssertionID"));
>             }
>         }
>         	
>         return id;
>     }

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.