You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2011/08/24 17:10:29 UTC
[jira] [Created] (CXF-3761) STSClient can't process EncryptedKey
elements received from an STS
STSClient can't process EncryptedKey elements received from an STS
------------------------------------------------------------------
Key: CXF-3761
URL: https://issues.apache.org/jira/browse/CXF-3761
Project: CXF
Issue Type: Bug
Affects Versions: 2.4.2, 2.3.6
Reporter: Colm O hEigeartaigh
Assignee: Colm O hEigeartaigh
Fix For: 2.3.7, 2.4.3, 2.5
There is a bug in the STSClient when processing a RequestedProofToken received from an STS. This element can contain an EncryptedKey child, but the STSClient searches in the wrong namespace and so never finds the element.
Secondly, the STSClient doesn't support the scenario where a RequestedProofToken contains a ComputedKey, and the associated Entropy element has an EncryptedKey child (instead of a BinarySecret).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (CXF-3761) STSClient can't process EncryptedKey
elements received from an STS
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/CXF-3761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved CXF-3761.
--------------------------------------
Resolution: Fixed
> STSClient can't process EncryptedKey elements received from an STS
> ------------------------------------------------------------------
>
> Key: CXF-3761
> URL: https://issues.apache.org/jira/browse/CXF-3761
> Project: CXF
> Issue Type: Bug
> Affects Versions: 2.3.6, 2.4.2
> Reporter: Colm O hEigeartaigh
> Assignee: Colm O hEigeartaigh
> Fix For: 2.3.7, 2.4.3, 2.5
>
>
> There is a bug in the STSClient when processing a RequestedProofToken received from an STS. This element can contain an EncryptedKey child, but the STSClient searches in the wrong namespace and so never finds the element.
> Secondly, the STSClient doesn't support the scenario where a RequestedProofToken contains a ComputedKey, and the associated Entropy element has an EncryptedKey child (instead of a BinarySecret).
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira