You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2007/12/13 13:35:45 UTC

[jira] Assigned: (RAMPART-115) Incrorrect reference URI in the soap response in Secure Conversation Scenarios

     [ https://issues.apache.org/jira/browse/RAMPART-115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nandana Mihindukulasooriya reassigned RAMPART-115:
--------------------------------------------------

    Assignee: Nandana Mihindukulasooriya

> Incrorrect reference URI in the soap response in Secure Conversation Scenarios
> ------------------------------------------------------------------------------
>
>                 Key: RAMPART-115
>                 URL: https://issues.apache.org/jira/browse/RAMPART-115
>             Project: Rampart
>          Issue Type: Bug
>          Components: rampart-core
>            Reporter: Nandana Mihindukulasooriya
>            Assignee: Nandana Mihindukulasooriya
>         Attachments: RAMPART-115.patch
>
>
> Currently generated reference URI in the signature element is something like
> <ds:KeyInfo Id="KeyId-23512756">
>     <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-8347238">
>         <wsse:Reference URI="#urn:uuid:7C508C42E7E4A7A229119570507177149" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID" />
>      </wsse:SecurityTokenReference>
>  </ds:KeyInfo>
> where it should be something like,
> <ds:KeyInfo Id="KeyId-23512756">
>     <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-8347238">
>         <wsse:Reference URI="#sctId-23510169" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID" />
>      </wsse:SecurityTokenReference>
>  </ds:KeyInfo>
> This happens because when SimpleTokenStore finds the token using attached reference or unattached reference, the returned token's id is not the same id
> we entered to retrieve the token. So the incorrect value is used in reference URI.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.