You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ws.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2011/05/20 15:30:47 UTC
[jira] [Resolved] (WSS-286) Evidence element not present in SAML
AuthzDecisionStatement
[ https://issues.apache.org/jira/browse/WSS-286?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh resolved WSS-286.
-------------------------------------
Resolution: Fixed
Fixed, thanks. I also fixed it for the SAML1 case.
Colm.
> Evidence element not present in SAML AuthzDecisionStatement
> -----------------------------------------------------------
>
> Key: WSS-286
> URL: https://issues.apache.org/jira/browse/WSS-286
> Project: WSS4J
> Issue Type: Bug
> Components: WSS4J Core, WSS4J Handlers
> Affects Versions: 1.6
> Environment: CXF 2.4.0, WS4J 1.6.0, Windows XP, Apache Tomcat 7.0.5
> Reporter: David Morris
> Assignee: Colm O hEigeartaigh
> Fix For: 1.6.1
>
> Attachments: SAML2ComponentBuilder.java
>
> Original Estimate: 48h
> Remaining Estimate: 48h
>
> Running SOAPUI test, the SAML AuthzDecisionStatement evidence element is not present. The code worked with openSAML2.0 and CXF 2.3.x (via interceptors) before SAMLCallBackHandler in CXF 2.4.0. Resolved issue below example.
> Example:
>
> <saml2:AuthzDecisionStatement>
> <saml2:Action.../>
> <saml2:Evidence...> <!-this is missing -- >
> <saml2:Assertion...>
> </saml2:Evidence>
> </saml2:AuthzDecisionStatement>
> //Build Evidence
> EvidenceBuilder evidenceBuilder = new EvidenceBuilder(); Evidence
> evidence = evidenceBuilder.buildObject();
>
> //Build assertion for Evidence
> AssertionBuilder assertionBuilder = new AssertionBuilder(); Assertion
> assertion = assertionBuilder.buildObject();
> assertion.setVersion(SAMLVersion.VERSION_20);
> ...
> authDecisionStatementBean.setEvidence(evidence);
> Resolution updated the createAuthorizationDecisionStatement method in org.apache.ws.security.saml.ext.builder.SAML2ComponentBuilder:
>
> /**
> * Create SAML2 AuthorizationDecisionStatement(s)
> *
> * @param decisionData A list of AuthDecisionStatementBean instances
> * @return SAML2 AuthorizationDecisionStatement(s)
> */
> @SuppressWarnings("unchecked")
> public static List<AuthzDecisionStatement> createAuthorizationDecisionStatement(
> List<AuthDecisionStatementBean> decisionData
> ) {
>
> List<AuthzDecisionStatement> authDecisionStatements = new ArrayList();
> if (authorizationDecisionStatementBuilder == null) {
> authorizationDecisionStatementBuilder =
> (SAMLObjectBuilder<AuthzDecisionStatement>)
> builderFactory.getBuilder(AuthzDecisionStatement.DEFAULT_ELEMENT_NAME);
> }
> if (decisionData != null && decisionData.size() > 0) {
> for (AuthDecisionStatementBean decisionStatementBean : decisionData) {
> AuthzDecisionStatement authDecision =
> authorizationDecisionStatementBuilder.buildObject();
> authDecision.setResource(decisionStatementBean.getResource());
> authDecision.setDecision(
> transformDecisionType(decisionStatementBean.getDecision())
> );
> for (ActionBean actionBean : decisionStatementBean.getActions()) {
> Action actionElement = createSamlAction(actionBean);
> authDecision.getActions().add(actionElement);
> }
>
> //Check for Evidence
> if (decisionStatementBean.getEvidence()!=null && decisionStatementBean.getEvidence() instanceof Evidence)
> {
> authDecision.setEvidence((Evidence)decisionStatementBean.getEvidence());
> }
>
> authDecisionStatements.add(authDecision);
> }
> }
> return authDecisionStatements;
> }
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org