You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2013/01/11 16:22:12 UTC

[jira] [Resolved] (CXF-4746) STS issues invalid SAML 1.1 Assertions under certain conditions

     [ https://issues.apache.org/jira/browse/CXF-4746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved CXF-4746.
--------------------------------------

    Resolution: Fixed
    
> STS issues invalid SAML 1.1 Assertions under certain conditions
> ---------------------------------------------------------------
>
>                 Key: CXF-4746
>                 URL: https://issues.apache.org/jira/browse/CXF-4746
>             Project: CXF
>          Issue Type: Bug
>          Components: Services
>    Affects Versions: 2.5.8, 2.6.5, 2.7.2
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 2.5.9, 2.6.6, 2.7.3
>
>
> The STS issues invalid SAML 1.1 Assertions under certain conditions. Namely, if an AttributeStatementProvider (such as the ClaimsAttributeStatementProvider) is explicitly configured on the SAMLTokenProvider, but no AttributeStatement is actually added (for example, if the client doesn't present any claims).
> In this case, a SAML 1.1 Assertion can be issued with no Statements, something which is invalid according to the schema.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira