You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "Thilina Buddhika (JIRA)" <ji...@apache.org> on 2010/02/18 09:44:27 UTC
[jira] Created: (RAMPART-285) Interoporability issues in SAML 2.0
implementation
Interoporability issues in SAML 2.0 implementation
--------------------------------------------------
Key: RAMPART-285
URL: https://issues.apache.org/jira/browse/RAMPART-285
Project: Rampart
Issue Type: Bug
Components: rampart-trust
Reporter: Thilina Buddhika
Assignee: Ruchith Udayanga Fernando
In the current SAML 2.0 implementation, there are two places which cause some interoperability issues with other implementations.
1. It should use generic SubjectConfirmationElement when processing the assertion.
2. Attributes "NotBefore" and "NotOnOrAfter" should be set in a Conditions element. Currently it is set in the SubjectConfirmationData element, which defines validity period only for the Subject element, not the entire assertion.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RAMPART-285) Interoporability issues in SAML 2.0
implementation
Posted by "Prabath Siriwardena (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-285?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12866103#action_12866103 ]
Prabath Siriwardena commented on RAMPART-285:
---------------------------------------------
Applied the patch at revision: 943055
Thanks Thilina for the patch.
Thanks & regards.
-Prabath
> Interoporability issues in SAML 2.0 implementation
> --------------------------------------------------
>
> Key: RAMPART-285
> URL: https://issues.apache.org/jira/browse/RAMPART-285
> Project: Rampart
> Issue Type: Bug
> Components: rampart-trust
> Reporter: Thilina Buddhika
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart-interop.patch
>
>
> In the current SAML 2.0 implementation, there are two places which cause some interoperability issues with other implementations.
>
> 1. It should use generic SubjectConfirmationElement when processing the assertion.
> 2. Attributes "NotBefore" and "NotOnOrAfter" should be set in a Conditions element. Currently it is set in the SubjectConfirmationData element, which defines validity period only for the Subject element, not the entire assertion.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-285) Interoporability issues in SAML 2.0
implementation
Posted by "Thilina Buddhika (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-285?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Thilina Buddhika updated RAMPART-285:
-------------------------------------
Attachment: rampart-interop.patch
A patch which solves the above issue is attached herewith.
> Interoporability issues in SAML 2.0 implementation
> --------------------------------------------------
>
> Key: RAMPART-285
> URL: https://issues.apache.org/jira/browse/RAMPART-285
> Project: Rampart
> Issue Type: Bug
> Components: rampart-trust
> Reporter: Thilina Buddhika
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart-interop.patch
>
>
> In the current SAML 2.0 implementation, there are two places which cause some interoperability issues with other implementations.
>
> 1. It should use generic SubjectConfirmationElement when processing the assertion.
> 2. Attributes "NotBefore" and "NotOnOrAfter" should be set in a Conditions element. Currently it is set in the SubjectConfirmationData element, which defines validity period only for the Subject element, not the entire assertion.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.