You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Nandana Mihindukulasooriya (JIRA)" <ji...@apache.org> on 2007/12/13 13:35:45 UTC
[jira] Assigned: (RAMPART-115) Incrorrect reference URI in the soap
response in Secure Conversation Scenarios
[ https://issues.apache.org/jira/browse/RAMPART-115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nandana Mihindukulasooriya reassigned RAMPART-115:
--------------------------------------------------
Assignee: Nandana Mihindukulasooriya
> Incrorrect reference URI in the soap response in Secure Conversation Scenarios
> ------------------------------------------------------------------------------
>
> Key: RAMPART-115
> URL: https://issues.apache.org/jira/browse/RAMPART-115
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Reporter: Nandana Mihindukulasooriya
> Assignee: Nandana Mihindukulasooriya
> Attachments: RAMPART-115.patch
>
>
> Currently generated reference URI in the signature element is something like
> <ds:KeyInfo Id="KeyId-23512756">
> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-8347238">
> <wsse:Reference URI="#urn:uuid:7C508C42E7E4A7A229119570507177149" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> where it should be something like,
> <ds:KeyInfo Id="KeyId-23512756">
> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-8347238">
> <wsse:Reference URI="#sctId-23510169" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID" />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> This happens because when SimpleTokenStore finds the token using attached reference or unattached reference, the returned token's id is not the same id
> we entered to retrieve the token. So the incorrect value is used in reference URI.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.